self-signed certificate expired

Questions and answers about how to do stuff
Post Reply
dwmp
Posts: 54
Joined: 05 Feb 2016 13:42

self-signed certificate expired

Post by dwmp »

Hello,

we are using the self-signed certificate (EFA 3.0.1.8) and today I got the error in a browser that the certificate expired (validity was one year).
How can I renew it?

Thanks!
BR
dwmp
Woger
Posts: 67
Joined: 15 Mar 2017 10:54

Re: self-signed certificate expired

Post by Woger »

I would use a letsencrypt certificate. Check here: viewtopic.php?f=15&t=2204

official but free certificate and won't expire with the cron.
dwmp
Posts: 54
Joined: 05 Feb 2016 13:42

Re: self-signed certificate expired

Post by dwmp »

Hello,

thanks for the answer. But self-signed certificates are sufficient for us, so how can I prolong it?
Thanks.

BR
dwmp
dwmp
Posts: 54
Joined: 05 Feb 2016 13:42

Re: self-signed certificate expired

Post by dwmp »

Has someone an idea?
Thanks!
stusmith
Posts: 63
Joined: 27 Jan 2017 15:24

Re: self-signed certificate expired

Post by stusmith »

https://www.digitalocean.com/community/ ... s-and-csrs

and

http://stackoverflow.com/questions/1017 ... th-openssl

I believe that the file that you need to edit is /etc/httpd/conf.d/ssl.conf

Code: Select all

    100 #   Server Certificate:
    101 # Point SSLCertificateFile at a PEM encoded certificate.  If
    102 # the certificate is encrypted, then you will be prompted for a
    103 # pass phrase.  Note that a kill -HUP will prompt again.  A new
    104 # certificate can be generated using the genkey(1) command.
    105 SSLCertificateFile /etc/pki/tls/certs/my.pem
    106
    107 #   Server Private Key:
    108 #   If the key is not combined with the certificate, use this
    109 #   directive to point at the key file.  Keep in mind that if
    110 #   you've both a RSA and a DSA private key you can configure
    111 #   both in parallel (to also allow the use of DSA ciphers, etc.)
    112 SSLCertificateKeyFile /etc/pki/tls/private/my.key
    113
    114 #   Server Certificate Chain:
    115 #   Point SSLCertificateChainFile at a file containing the
    116 #   concatenation of PEM encoded CA certificates which form the
    117 #   certificate chain for the server certificate. Alternatively
    118 #   the referenced file can be the same as SSLCertificateFile
    119 #   when the CA certificates are directly appended to the server
    120 #   certificate for convinience.
    121 #SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
    122
    123 #   Certificate Authority (CA):
    124 #   Set the CA certificate verification path where to find CA
    125 #   certificates for client authentication or alternatively one
    126 #   huge file containing all of them (file must be PEM encoded)
    127 #SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
You should be able to copy the files that you make using the instructions in the link to the paths listed in your file and restart apache.
dwmp
Posts: 54
Joined: 05 Feb 2016 13:42

Re: self-signed certificate expired

Post by dwmp »

Thanks, worked!
Post Reply