SSL Certificate for webmail

Discussion in 'Installation/Configuration' started by dayjahone, Aug 10, 2007.

  1. dayjahone

    dayjahone Member

    I bought an SSL certificate and it works great; however, I would the roundcube login page to use this same certificate because it doesn't give the security warnings. Is this possible?
     
  2. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    This is possible. You will have to replace the SSL cert of the ISPconfig webserver on port 81 with your certificate. The ISPconfig server has its SSL certs in /root/ispconfig/httpd/... and then some subdirectory with ssl in the name, I dont remember the exact name at the moment :)
     
  3. dayjahone

    dayjahone Member

    How do I know which file it is?

    and do I just copy my .crt file in there and rename it?
     
  4. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    I think it's this one: /root/ispconfig/httpd/conf/ssl.crt/server.crt :)
     
  5. dayjahone

    dayjahone Member

    The reason for the post is that it didn't work. I copied the new .crt file into that directory, renamed the existing server.crt file to server_original.crt, renamed the new .crt file "server.crt," and restarted apache. It still comes up with the old certificate.
     
  6. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    Which apache did you restart? You must run:

    /etc/init.d/ispconfig_server restart
     
  7. dayjahone

    dayjahone Member

    Now it can't connect to ISPConfig at all. The certificate does have an intermediate certificate . . . would that matter? With the site, it just made it so I still got the warning on every browser except ie. It won't even pull up my login page, though. It just says it can't connect. I just renamed the .crt file? Is there more I needed to do?
     
    Last edited: Aug 10, 2007
  8. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    You must replace the key too, not just the cert as key and cert always belong together. If your certificate needs a intermediate cert, you will have to install this too in the httpd.conf which is in /root/ispconfig/httpd/conf/
     
  9. dayjahone

    dayjahone Member

    So, I want to use the same certificate for my site as I'm using to login to roundcube webmail. It all works, except they have different hostnames: mail.mydomain.com is my server, while the certificate is for www.mydomain.com. So, it works but gives an error that, in Internet Explorer, is no less scary than the one I got with a self-signed certificate. From my understanding the hostname for the server could be anything, so can I just change the hostname on my server to www? Or is it possible to change it so you login to roundcube mail from the site rather than port 81 of the server? Basically, is there an easier way than changing the IP on the server and buying a new certificate for the same domain with a different hostname and IP address?
     
  10. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    You do not have to change the hostname of the serve for that because ISPConfig listens on all IP addresses and domains of the server. Just use:

    https://www.mydomain.com:81/roundcube/

    to connect to your roundcube without changing any config files.
     
  11. dayjahone

    dayjahone Member

    Works beautifully!!!
     

Share This Page