Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 10th October 2008, 15:27
PermaNoob PermaNoob is offline
Senior Member
 
Join Date: Jan 2007
Posts: 194
Thanks: 12
Thanked 5 Times in 5 Posts
Default How do I update the server ssl certificate?

I saw a reference in the forums to an SSL tab in IspConfig, but I can't locate it.

The reason is I've been getting Server Certificate Expired errors in Thunderbird, and I suspect it's because the certificate expiration was January, 2008, so I probably just need to reset the date.

Last edited by PermaNoob; 10th October 2008 at 15:37.
Reply With Quote
Sponsored Links
  #2  
Old 11th October 2008, 12:02
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 37,037
Thanks: 841
Thanked 5,659 Times in 4,466 Posts
Default

Very service has its own cert. For the webinterface, take a look here:

http://www.howtoforge.com/forums/sho...58&postcount=4

For SMTP, take a look at the perfect setup guide for your linux distribution.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 12th October 2008, 14:30
PermaNoob PermaNoob is offline
Senior Member
 
Join Date: Jan 2007
Posts: 194
Thanks: 12
Thanked 5 Times in 5 Posts
Default

I ran this code from the first link: http://www.howtoforge.com/forums/sho...58&postcount=4

Quote:
openssl genrsa -des3 -passout pass:yourpassword -out /root/ispconfig/httpd/conf/ssl.key/server.key2 1024
openssl req -new -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.csr/server.csr -days 365
openssl req -x509 -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -in /root/ispconfig/httpd/conf/ssl.csr/server.csr -out /root/ispconfig/httpd/conf/ssl.crt/server.crt -days 365
openssl rsa -passin pass:yourpassword -in /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.key/server.key
chmod 400 /root/ispconfig/httpd/conf/ssl.key/server.key
and got nothing but errors.

Can someone who has done this successfully write noob instructions?

I just need to change the date on the certificate.
Reply With Quote
  #4  
Old 12th October 2008, 14:48
geoffmerritt geoffmerritt is offline
Junior Member
 
Join Date: Oct 2007
Location: Adelaide
Posts: 4
Thanks: 2
Thanked 2 Times in 1 Post
Default

Don't know if I am stating the obvious, I assume that you replaced "yourpassword" with your password

And when I did the initial installation I also change the 365 to 3650 to last 10 years instead of 1
Reply With Quote
  #5  
Old 12th October 2008, 15:21
PermaNoob PermaNoob is offline
Senior Member
 
Join Date: Jan 2007
Posts: 194
Thanks: 12
Thanked 5 Times in 5 Posts
Default

Quote:
Originally Posted by geoffmerritt View Post
Don't know if I am stating the obvious, I assume that you replaced "yourpassword" with your password

And when I did the initial installation I also change the 365 to 3650 to last 10 years instead of 1
By noob instructions I mean instructions where nothing is assumed, which I know is difficult for many of you guys.

Replacing "yourpassword" is not obvious because part of the script might replace it for you.

Should it be a password created for the certificate, the ISPConfig password, or the server root password?

I'm also unsure about the line breaks in the commands.

Access was denied for some commands--do the files have to be chmod'd for write permission or should all the old certificate files just be deleted?

Really, I just need step-by-step instructions by someone who has done it successfully, and I doubt that I'm the only one.
Reply With Quote
  #6  
Old 12th October 2008, 15:54
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 37,037
Thanks: 841
Thanked 5,659 Times in 4,466 Posts
Default

You have to run the commands as root user. The commands are complete and they work even if you dont replace yourpassword with your own password, its just not very secure if you dont replace it.

As a side node: If you tell us that something does not work and you do not post the error messages, nobody is able to help you.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #7  
Old 27th November 2008, 02:48
PermaNoob PermaNoob is offline
Senior Member
 
Join Date: Jan 2007
Posts: 194
Thanks: 12
Thanked 5 Times in 5 Posts
 
Default

OK, got it to work.

The script didn't run because notepad was screwing up the line breaks. I switched to gizmo and that fixed that.

Also I was trying to run the whole script at once instead of running it line-by-line. Once I ran it one line at a time, the date changed on the certificate.

For other noobs, restart ISPConfig with /etc/init.d/ispconfig_server restart
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig Update and SSL disasm Installation/Configuration 3 12th October 2008 15:55
mail delivered in mbox patfee Installation/Configuration 8 11th December 2007 14:58
SSL for virtual hosts on one certificate rbartz Tips/Tricks/Mods 8 20th November 2007 18:59
HotSaNIC domino Tips/Tricks/Mods 23 6th November 2006 06:19
Administrator receive empty mail ??? Stanev General 16 7th April 2006 21:56


All times are GMT +2. The time now is 02:59.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.