real ssl certificate in apache+postfix+ispconfig

Discussion in 'Installation/Configuration' started by the_spy, May 22, 2007.

  1. the_spy

    the_spy New Member

    I have a server and I'm using this name for ispconfig panel, apache, and postfix, and I want to buy a real ssl certificate for this name to put it in the 2 apache configurations and in postfix.

    For the normal apache it should not be a problem with the panel, but for the ispconfig apache, if I put my own server.csr and .crt files to replace the actual self signed certificate files, will they stay even in future upgrades of ispconfig ?

    Then for postfix, I see that there is also a .pem file with the .csr and .crt, I'm not sure which file it is exactly and how we could have it ?

    And finally, will the certificate work for smtp and imap, or is there an other way for imap ?

  2. till

    till Super Moderator Staff Member ISPConfig Developer


    I'am not sure which SSL cert format postfix needs.

    The pop3 and imap server has its own certificate.
  3. the_spy

    the_spy New Member

    ok finally for postfix, it seems that there is no need of this .pem file (at least for the thawte SSL 123 certificate I took). I just copied the .key and .crt from what ispconfig generated for the website to the .key and .crt file for postfix, and removed the .pem in the configuration, restarted postfix, and it seems that it's working great.

    I needed also to restart apache2 because it seems that ispconfig did not do this after I put the certificate content in the panel for the website. I selected "Action: save the certificate" may be that's why it just saved the certificate and not restarted apache ?

    Now I'm doing this for ispconfig apache, and I will search for imap. I will update this thread when I will find how to do.
  4. the_spy

    the_spy New Member

    for ispconfig apache, it was pretty easy like postfix, just needed to replace server.key and server.crt per the files of the website, and restarted ispconfig

    so.. imap now :)
  5. the_spy

    the_spy New Member

    And here is the end of the story:

    for pop3 and imap ssl, there are 2 pem files:

    you need to put the content of the .crt file in it, then the .key

    finally it looks like this in each .pem file:

    crt content
    -----END CERTIFICATE-----
    key content
    -----END RSA PRIVATE KEY-----

    and restarted courier-imap-ssl and courier-pop-ssl.


Share This Page