HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=16)
-   -   SSL Certificate for webmail (http://www.howtoforge.com/forums/showthread.php?t=14612)

dayjahone 10th August 2007 01:44

SSL Certificate for webmail
 
I bought an SSL certificate and it works great; however, I would the roundcube login page to use this same certificate because it doesn't give the security warnings. Is this possible?

till 10th August 2007 12:33

This is possible. You will have to replace the SSL cert of the ISPconfig webserver on port 81 with your certificate. The ISPconfig server has its SSL certs in /root/ispconfig/httpd/... and then some subdirectory with ssl in the name, I dont remember the exact name at the moment :)

dayjahone 10th August 2007 16:57

How do I know which file it is?

Quote:

/root/ispconfig/httpd/conf/ssl.crt/e52d41d0.0
/root/ispconfig/httpd/conf/ssl.crt/82ab5372.0
/root/ispconfig/httpd/conf/ssl.crt/snakeoil-dsa.crt
/root/ispconfig/httpd/conf/ssl.crt/snakeoil-rsa.crt
/root/ispconfig/httpd/conf/ssl.crt/snakeoil-ca-dsa.crt
/root/ispconfig/httpd/conf/ssl.crt/Makefile
/root/ispconfig/httpd/conf/ssl.crt/server.crt
/root/ispconfig/httpd/conf/ssl.crt/5d8360e1.0
/root/ispconfig/httpd/conf/ssl.crt/README.CRT
/root/ispconfig/httpd/conf/ssl.crt/ca-bundle.crt
/root/ispconfig/httpd/conf/ssl.crt/snakeoil-ca-rsa.crt
/root/ispconfig/httpd/conf/ssl.crt/0cf14d7d.0
and do I just copy my .crt file in there and rename it?

falko 10th August 2007 18:21

I think it's this one: /root/ispconfig/httpd/conf/ssl.crt/server.crt :)

dayjahone 10th August 2007 18:28

The reason for the post is that it didn't work. I copied the new .crt file into that directory, renamed the existing server.crt file to server_original.crt, renamed the new .crt file "server.crt," and restarted apache. It still comes up with the old certificate.

till 10th August 2007 18:33

Which apache did you restart? You must run:

/etc/init.d/ispconfig_server restart

dayjahone 10th August 2007 18:36

Now it can't connect to ISPConfig at all. The certificate does have an intermediate certificate . . . would that matter? With the site, it just made it so I still got the warning on every browser except ie. It won't even pull up my login page, though. It just says it can't connect. I just renamed the .crt file? Is there more I needed to do?

till 10th August 2007 20:46

You must replace the key too, not just the cert as key and cert always belong together. If your certificate needs a intermediate cert, you will have to install this too in the httpd.conf which is in /root/ispconfig/httpd/conf/

dayjahone 13th August 2007 00:43

So, I want to use the same certificate for my site as I'm using to login to roundcube webmail. It all works, except they have different hostnames: mail.mydomain.com is my server, while the certificate is for www.mydomain.com. So, it works but gives an error that, in Internet Explorer, is no less scary than the one I got with a self-signed certificate. From my understanding the hostname for the server could be anything, so can I just change the hostname on my server to www? Or is it possible to change it so you login to roundcube mail from the site rather than port 81 of the server? Basically, is there an easier way than changing the IP on the server and buying a new certificate for the same domain with a different hostname and IP address?

till 13th August 2007 10:31

You do not have to change the hostname of the serve for that because ISPConfig listens on all IP addresses and domains of the server. Just use:

https://www.mydomain.com:81/roundcube/

to connect to your roundcube without changing any config files.


All times are GMT +2. The time now is 05:29.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.