Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 10th August 2007, 00:44
dayjahone dayjahone is offline
Senior Member
 
Join Date: Jan 2007
Posts: 421
Thanks: 31
Thanked 0 Times in 0 Posts
Default SSL Certificate for webmail

I bought an SSL certificate and it works great; however, I would the roundcube login page to use this same certificate because it doesn't give the security warnings. Is this possible?
Reply With Quote
Sponsored Links
  #2  
Old 10th August 2007, 11:33
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,776
Thanks: 821
Thanked 5,332 Times in 4,184 Posts
Default

This is possible. You will have to replace the SSL cert of the ISPconfig webserver on port 81 with your certificate. The ISPconfig server has its SSL certs in /root/ispconfig/httpd/... and then some subdirectory with ssl in the name, I dont remember the exact name at the moment
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 10th August 2007, 15:57
dayjahone dayjahone is offline
Senior Member
 
Join Date: Jan 2007
Posts: 421
Thanks: 31
Thanked 0 Times in 0 Posts
Default

How do I know which file it is?

Quote:
/root/ispconfig/httpd/conf/ssl.crt/e52d41d0.0
/root/ispconfig/httpd/conf/ssl.crt/82ab5372.0
/root/ispconfig/httpd/conf/ssl.crt/snakeoil-dsa.crt
/root/ispconfig/httpd/conf/ssl.crt/snakeoil-rsa.crt
/root/ispconfig/httpd/conf/ssl.crt/snakeoil-ca-dsa.crt
/root/ispconfig/httpd/conf/ssl.crt/Makefile
/root/ispconfig/httpd/conf/ssl.crt/server.crt
/root/ispconfig/httpd/conf/ssl.crt/5d8360e1.0
/root/ispconfig/httpd/conf/ssl.crt/README.CRT
/root/ispconfig/httpd/conf/ssl.crt/ca-bundle.crt
/root/ispconfig/httpd/conf/ssl.crt/snakeoil-ca-rsa.crt
/root/ispconfig/httpd/conf/ssl.crt/0cf14d7d.0
and do I just copy my .crt file in there and rename it?
Reply With Quote
  #4  
Old 10th August 2007, 17:21
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,740 Times in 2,575 Posts
Default

I think it's this one: /root/ispconfig/httpd/conf/ssl.crt/server.crt
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 10th August 2007, 17:28
dayjahone dayjahone is offline
Senior Member
 
Join Date: Jan 2007
Posts: 421
Thanks: 31
Thanked 0 Times in 0 Posts
Default

The reason for the post is that it didn't work. I copied the new .crt file into that directory, renamed the existing server.crt file to server_original.crt, renamed the new .crt file "server.crt," and restarted apache. It still comes up with the old certificate.
Reply With Quote
  #6  
Old 10th August 2007, 17:33
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,776
Thanks: 821
Thanked 5,332 Times in 4,184 Posts
Default

Which apache did you restart? You must run:

/etc/init.d/ispconfig_server restart
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #7  
Old 10th August 2007, 17:36
dayjahone dayjahone is offline
Senior Member
 
Join Date: Jan 2007
Posts: 421
Thanks: 31
Thanked 0 Times in 0 Posts
Default

Now it can't connect to ISPConfig at all. The certificate does have an intermediate certificate . . . would that matter? With the site, it just made it so I still got the warning on every browser except ie. It won't even pull up my login page, though. It just says it can't connect. I just renamed the .crt file? Is there more I needed to do?

Last edited by dayjahone; 10th August 2007 at 18:26.
Reply With Quote
  #8  
Old 10th August 2007, 19:46
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,776
Thanks: 821
Thanked 5,332 Times in 4,184 Posts
Default

You must replace the key too, not just the cert as key and cert always belong together. If your certificate needs a intermediate cert, you will have to install this too in the httpd.conf which is in /root/ispconfig/httpd/conf/
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
The Following User Says Thank You to till For This Useful Post:
dayjahone (12th August 2007)
  #9  
Old 12th August 2007, 23:43
dayjahone dayjahone is offline
Senior Member
 
Join Date: Jan 2007
Posts: 421
Thanks: 31
Thanked 0 Times in 0 Posts
Default

So, I want to use the same certificate for my site as I'm using to login to roundcube webmail. It all works, except they have different hostnames: mail.mydomain.com is my server, while the certificate is for www.mydomain.com. So, it works but gives an error that, in Internet Explorer, is no less scary than the one I got with a self-signed certificate. From my understanding the hostname for the server could be anything, so can I just change the hostname on my server to www? Or is it possible to change it so you login to roundcube mail from the site rather than port 81 of the server? Basically, is there an easier way than changing the IP on the server and buying a new certificate for the same domain with a different hostname and IP address?
Reply With Quote
  #10  
Old 13th August 2007, 09:31
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,776
Thanks: 821
Thanked 5,332 Times in 4,184 Posts
 
Default

You do not have to change the hostname of the serve for that because ISPConfig listens on all IP addresses and domains of the server. Just use:

https://www.mydomain.com:81/roundcube/

to connect to your roundcube without changing any config files.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
The Following User Says Thank You to till For This Useful Post:
dayjahone (13th August 2007)
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
SSL for virtual hosts on one certificate rbartz Tips/Tricks/Mods 8 20th November 2007 17:59
Help installing an SSL certificate james@thereidsonline.com Installation/Configuration 1 26th June 2007 18:11
Hostname issue with SSL Certificate request. mhpcomputerservices General 3 19th December 2006 15:25
ssl Certificate Invalid simplyworks Installation/Configuration 8 16th August 2006 16:44
from http to https after installation? Mahir Installation/Configuration 25 7th December 2005 20:40


All times are GMT +2. The time now is 20:24.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.