#1  
Old 24th December 2006, 20:23
joeinazusa joeinazusa is offline
Junior Member
 
Join Date: Dec 2006
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default SSL and perfect installation

This is a general questions, I was installing ISPconfig on Centos, then Ubuntu.

When it gets to the SSL portion I am confused.

Is the key generated needing a password and are there any security issues related to this? The guides have the instructions but nothing in the way of if a password should or should not be used....

Is this key for the server itself and should I regenerate this if the hostname changes? Should I change it if this server is redistributed vi VMWARE?

Is this SSL key related at all to the SSL's of the domain email account or webpages, IE I wanted to use some verisigned keys instead of just by the server or CACERT.

Thanks for all the help.


Joe
Reply With Quote
Sponsored Links
  #2  
Old 25th December 2006, 13:20
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

Quote:
Originally Posted by joeinazusa
Is the key generated needing a password and are there any security issues related to this? The guides have the instructions but nothing in the way of if a password should or should not be used....
Don't encrypt the keys! http://www.ispconfig.org/manual_installation.htm

Quote:
Originally Posted by joeinazusa
Is this key for the server itself and should I regenerate this if the hostname changes? Should I change it if this server is redistributed vi VMWARE?

Is this SSL key related at all to the SSL's of the domain email account or webpages, IE I wanted to use some verisigned keys instead of just by the server or CACERT.
The certificate is only for the ISPConfig web interface (if you choose to use HTTPS instead of HTTP later during the installation) and therefore has no effect on your web sites.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 26th December 2006, 05:08
joeinazusa joeinazusa is offline
Junior Member
 
Join Date: Dec 2006
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thanks for the reply,

My question now is why in the perfect installation of CENTOS and UBUNTU are the following instructions added. If ISPCONFIG handles this SSL communication, then why go through this process.

Thanks!!!

Joe

mkdir /etc/postfix/ssl
cd /etc/postfix/ssl/
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr
openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
openssl rsa -in smtpd.key -out smtpd.key.unencrypted
mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
Reply With Quote
  #4  
Old 26th December 2006, 10:58
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 35,488
Thanks: 813
Thanked 5,259 Times in 4,123 Posts
 
Default

These instructions are for creating the SSL certidicates for postfix mailserver and not for the ISPConfig apache webserver on port 81.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Upgrade from 2.2.0 to 2.2.1 successful but SSL and IMAP stopped working teleriddler Installation/Configuration 8 29th April 2006 14:25
Courier IMAP & POP without SSL work, but not with SSL. Traxus Installation/Configuration 15 4th April 2006 18:50
Manual Apache Installation (1.3.x) protocol Installation/Configuration 3 5th February 2006 14:19
Ssl JaJunk General 2 26th January 2006 21:51
2 Questions (1 SSL Related and 1 dns forward related) phamels Installation/Configuration 11 4th January 2006 01:33


All times are GMT +2. The time now is 15:36.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.