self-signed certificate expired

Questions and answers about how to do stuff
Post Reply
dwmp
Posts: 21
Joined: 05 Feb 2016 13:42

self-signed certificate expired

Post by dwmp » 20 Mar 2017 11:29

Hello,

we are using the self-signed certificate (EFA 3.0.1.8) and today I got the error in a browser that the certificate expired (validity was one year).
How can I renew it?

Thanks!
BR
dwmp

Woger
Posts: 19
Joined: 15 Mar 2017 10:54

Re: self-signed certificate expired

Post by Woger » 20 Mar 2017 14:20

I would use a letsencrypt certificate. Check here: viewtopic.php?f=15&t=2204

official but free certificate and won't expire with the cron.

dwmp
Posts: 21
Joined: 05 Feb 2016 13:42

Re: self-signed certificate expired

Post by dwmp » 21 Mar 2017 09:10

Hello,

thanks for the answer. But self-signed certificates are sufficient for us, so how can I prolong it?
Thanks.

BR
dwmp

dwmp
Posts: 21
Joined: 05 Feb 2016 13:42

Re: self-signed certificate expired

Post by dwmp » 24 Mar 2017 06:56

Has someone an idea?
Thanks!

stusmith
Posts: 44
Joined: 27 Jan 2017 15:24

Re: self-signed certificate expired

Post by stusmith » 24 Mar 2017 12:15

https://www.digitalocean.com/community/ ... s-and-csrs

and

http://stackoverflow.com/questions/1017 ... th-openssl

I believe that the file that you need to edit is /etc/httpd/conf.d/ssl.conf

Code: Select all

    100 #   Server Certificate:
    101 # Point SSLCertificateFile at a PEM encoded certificate.  If
    102 # the certificate is encrypted, then you will be prompted for a
    103 # pass phrase.  Note that a kill -HUP will prompt again.  A new
    104 # certificate can be generated using the genkey(1) command.
    105 SSLCertificateFile /etc/pki/tls/certs/my.pem
    106
    107 #   Server Private Key:
    108 #   If the key is not combined with the certificate, use this
    109 #   directive to point at the key file.  Keep in mind that if
    110 #   you've both a RSA and a DSA private key you can configure
    111 #   both in parallel (to also allow the use of DSA ciphers, etc.)
    112 SSLCertificateKeyFile /etc/pki/tls/private/my.key
    113
    114 #   Server Certificate Chain:
    115 #   Point SSLCertificateChainFile at a file containing the
    116 #   concatenation of PEM encoded CA certificates which form the
    117 #   certificate chain for the server certificate. Alternatively
    118 #   the referenced file can be the same as SSLCertificateFile
    119 #   when the CA certificates are directly appended to the server
    120 #   certificate for convinience.
    121 #SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
    122
    123 #   Certificate Authority (CA):
    124 #   Set the CA certificate verification path where to find CA
    125 #   certificates for client authentication or alternatively one
    126 #   huge file containing all of them (file must be PEM encoded)
    127 #SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
You should be able to copy the files that you make using the instructions in the link to the paths listed in your file and restart apache.

Post Reply

Who is online

Users browsing this forum: No registered users and 0 guests