I need to re-create the ISPConfig certificates

Discussion in 'Installation/Configuration' started by mrdek11, May 14, 2007.

  1. mrdek11

    mrdek11 New Member

    Hi, I had pressed enter a few times during the configuration when I thought I was supposed to, but apparently wasn't. It seems I missed the option to enter my data for the SSL certificates.
    Now when I try to access my ispconfig installation at https://DOMAIN:81, it says
    " Your certificate contains the same serial number as another certificate issued by the certificate authority. Please get a new certificate with a different serial number"

    Can somebody give me the command line code for Ubuntu dapper drake to re-create these? I know there is some program called openssl that you can use to create certificates, but I'm not sure exactly how to make ISPConfig ones.

  2. mrdek11

    mrdek11 New Member

    Hi, I found this code on another topic:
    openssl genrsa -des3 -passout pass:yourpassword -out /root/ispconfig/httpd/conf/ssl.key/server.key2 1024
    openssl req -new -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.csr/server.csr -days 365
    openssl req -x509 -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -in /root/ispconfig/httpd/conf/ssl.csr/server.csr -out /root/ispconfig/httpd/conf/ssl.crt/server.crt -days 365
    openssl rsa -passin pass:yourpassword -in /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.key/server.key
    chmod 400 /root/ispconfig/httpd/conf/ssl.key/server.key
    I tried it, and it seemed to work, I restarted saslauthd, and went to my ispconfig page, and I still get the error.
    Last edited: May 14, 2007
  3. aqua

    aqua New Member

    From your description your certificate is most likely fine. The problem is probably from your browser, because it has a copy of the old certificate. Go into your browser settings and delete the certificate pertaining to that domian. Then try surfing to that domain again.

    There must be a way to save your old certificates instead of recreating them everytime you upgrade...

  4. mrdek11

    mrdek11 New Member

    Alright! That and another server reboot fixed it! Thanks :)
    Also, I wasn't upgrading, I had somehow managed to mess up almost all my mail features to an irreplacable extent on my old server, so I just pulled out my newers server and added the perfect setup on there.

Share This Page