SSL on 3.0.2.5 - how to?

Questions and answers about how to do stuff
Post Reply
bostjanc
Posts: 165
Joined: 01 Jun 2016 17:18

SSL on 3.0.2.5 - how to?

Post by bostjanc »

Hi there.
I am trying to replace SSL certificate on EFA.
What I did:
into /etc/pki/tls/certs/localhost.crt i have overwritten my crt certificate from Comodo (its a wildcard)
and into /etc/pki/tls/certs/ca-bundle.crt i have overwritted CA crt from Comodo

rebooted server, but https://efa.domain.com does not open.
What am I doing wrong?
thewomble
Posts: 50
Joined: 17 Jan 2017 12:52

Re: SSL on 3.0.2.5 - how to?

Post by thewomble »

Is Apache running?

service httpd start

or service httpd restart

does that throw any errors?
bostjanc
Posts: 165
Joined: 01 Jun 2016 17:18

Re: SSL on 3.0.2.5 - how to?

Post by bostjanc »

Thanks for the reply. Will need to check.
Is the approach even correct for changing cert on EFA or does it needs to be done on some other places/config files?
With best regards
B
thewomble
Posts: 50
Joined: 17 Jan 2017 12:52

Re: SSL on 3.0.2.5 - how to?

Post by thewomble »

If you are using the same certificate for both TLS (mail) and HTTPS (web)

You have to make sure you have the appropiate lines in main.cf for the mail

and httpd.conf / or / ssl.conf for apache

I use a Digicert wildcard to do the same.
jkissane
Posts: 15
Joined: 14 Dec 2018 10:32

Re: SSL on 3.0.2.5 - how to?

Post by jkissane »

Old topic I know but I just did this to get rid of the warning when users connect to the server to check spam etc. Where I work can generate our own certs so all I had to do was change three lines in the ssl.conf file:

SSLCertificateFile /etc/pki/tls/certs/efa_domainname_ie.crt
SSLCertificateKeyFile /etc/pki/tls/private/efa.domainname.ie.key
SSLCertificateChainFile /etc/pki/tls/certs/DigiCertCA.crt

Restarted apache & all was well.
bostjanc
Posts: 165
Joined: 01 Jun 2016 17:18

Re: SSL on 3.0.2.5 - how to?

Post by bostjanc »

Thanks. Didnt have time to implement it yet but I will definetly use your tip. With best regards B
bostjanc
Posts: 165
Joined: 01 Jun 2016 17:18

Re: SSL on 3.0.2.5 - how to?

Post by bostjanc »

Thanks, it helped
Post Reply