Page 1 of 1
self-signed certificate expired
Posted: 20 Mar 2017 11:29
by dwmp
Hello,
we are using the self-signed certificate (EFA 3.0.1.8) and today I got the error in a browser that the certificate expired (validity was one year).
How can I renew it?
Thanks!
BR
dwmp
Re: self-signed certificate expired
Posted: 20 Mar 2017 14:20
by Woger
I would use a letsencrypt certificate. Check here:
viewtopic.php?f=15&t=2204
official but free certificate and won't expire with the cron.
Re: self-signed certificate expired
Posted: 21 Mar 2017 09:10
by dwmp
Hello,
thanks for the answer. But self-signed certificates are sufficient for us, so how can I prolong it?
Thanks.
BR
dwmp
Re: self-signed certificate expired
Posted: 24 Mar 2017 06:56
by dwmp
Has someone an idea?
Thanks!
Re: self-signed certificate expired
Posted: 24 Mar 2017 12:15
by stusmith
https://www.digitalocean.com/community/ ... s-and-csrs
and
http://stackoverflow.com/questions/1017 ... th-openssl
I believe that the file that you need to edit is
/etc/httpd/conf.d/ssl.conf
Code: Select all
100 # Server Certificate:
101 # Point SSLCertificateFile at a PEM encoded certificate. If
102 # the certificate is encrypted, then you will be prompted for a
103 # pass phrase. Note that a kill -HUP will prompt again. A new
104 # certificate can be generated using the genkey(1) command.
105 SSLCertificateFile /etc/pki/tls/certs/my.pem
106
107 # Server Private Key:
108 # If the key is not combined with the certificate, use this
109 # directive to point at the key file. Keep in mind that if
110 # you've both a RSA and a DSA private key you can configure
111 # both in parallel (to also allow the use of DSA ciphers, etc.)
112 SSLCertificateKeyFile /etc/pki/tls/private/my.key
113
114 # Server Certificate Chain:
115 # Point SSLCertificateChainFile at a file containing the
116 # concatenation of PEM encoded CA certificates which form the
117 # certificate chain for the server certificate. Alternatively
118 # the referenced file can be the same as SSLCertificateFile
119 # when the CA certificates are directly appended to the server
120 # certificate for convinience.
121 #SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
122
123 # Certificate Authority (CA):
124 # Set the CA certificate verification path where to find CA
125 # certificates for client authentication or alternatively one
126 # huge file containing all of them (file must be PEM encoded)
127 #SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
You should be able to copy the files that you make using the instructions in the link to the paths listed in your file and restart apache.
Re: self-signed certificate expired
Posted: 05 Apr 2017 11:17
by dwmp
Thanks, worked!