HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (
-   Installation/Configuration (
-   -   trusted SSL cert for webmail? (

TheBirdMan 1st July 2010 20:24

trusted SSL cert for webmail?

Is it possible to replace the server generated ssl cert with a purchased cert for webmail in ispconfig 2 ? I have a customer using an ipad for https webmail access and he can't connect because the cert is untrusted. I created a cert with the webmail server name and ip address but not sure where to put it or if that would be enough to even work.



falko 2nd July 2010 12:58

Yes, you can generate a CSR as shown on and then buy a certificate with the help of this CSR.

id10t 8th July 2010 18:46

FYI StartSSL gives free certs...

TheBirdMan 9th July 2010 07:39

invalid RSA

I modified the server.key2 to 2048 for the godaddy requirements but still get a invalid RSA when submitting. Am I overlooking something simple ?

Ps- I am now a paying subscriber to help with the cause. :)

Thanks for the info on startssl but this customer wants to stick with godaddy for now. I will check it out though.


till 9th July 2010 09:30

Please update your server to ispconfig 2.2.36 and then recreate the sl cert in ispconfig and let it sign from godaddy. Manually editing the server.key2 file does not work as it will not affect the already created csr.

TheBirdMan 13th July 2010 19:42

Does 2.2.36 then give me the option to create a webmail cert from within ispconfig or do I still use "openssl genrsa -des3 -passout pass: password -out /root/ispconfig/httpd/conf/ssl.key/server.key2 2048" ?


till 13th July 2010 19:51

webmail is automatically encrypted with ssl when you used the https option for the ispconfig interface during setup.

TheBirdMan 13th July 2010 20:26

valid cert for webmail
All we really want to do is be able to connect an ipad using https webmail but need a valid cert to do it. I have tried using the "openssl genrsa..." to generate a csr for godaddy but keep getting an invalid key error when submitting the server.key file it generated (maybe i'm doing it wrong).

Also - do we use the update manager to go to 2.2.36 from 2.2.35? and will the upgrade allow us to replace the webmail cert from within ispconfig?

Thanks, This is the last snafoo on this server. :)


falko 14th July 2010 18:01


Originally Posted by TheBirdMan (Post 233593)
Also - do we use the update manager to go to 2.2.36 from 2.2.35?

No - take a look here:

TheBirdMan 24th July 2010 03:08

https webmail valid cert ispconfig2
Hello. Its me again,

The upgrade did the trick and I was able to obtain the cert installing them in /root/ispconfig/httpd/conf/ssl.crt/ and removing the snakoil certs. It is still however not showing the valid cert i purchased when going to https://server:81/webmail. Do I need to also install any apache directives? in /root/ispconfig/httpd/conf/httpd.conf_https maybe ?

ps - that upgrade took a while, I didn't know I could hold my breath that long.



All times are GMT +2. The time now is 06:06.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.