Hi, I had obtained a class 1 certificate from StartSSL following howto on my previous Fedora ISPConfig3 installation. Now I've changed to Debian 6 and ISPConfig3 following perfect-server-debian-squeeze-with-bind-and-dovecot-ispconfig-3 and want to use my certificate again. Can I do this? It is the same hardware but different OS so I think there may be a problem. I tried at StartSSL.com to take out another certificate for the same FQDN but it wouldn't let me, said that e.g. server1.example.com certificate already exits. It suggested that I either revoke my current certificate ($25) or apply for a class 2 certificate. Can I use my existing certificate? I need to get rid of the browser cert warnings. Can I go to a class 2 without having to revoke my class 1? Could someone please point in the best direction? Thank you.
The cert is not bound to hardware or OS. You can use the "old" cert on the new installation. I am not totally sure but I think you do not need to revoke the class1 cert (server1.example.com) if you register the class2 cert with a wildcard (*.example.com). The class2 cert you can use on all you machines like server1.example.com, server2.example.com ....
Thank you for your response. Perhaps I did something wrong but I tried to paste my existing cert into the /usr/local/ispconfig/interface/ssl/ispserver.crt file and continued with the howto securing-your-ispconfig-3-installation-with-a-free-class1-ssl-certificate-from-startssl from that point forward. But when it came to restarting apache it got an error. Perhaps I should try it again.
If you use a existing cert, then you have to replace the key as well as key and cert file belong together and apache will not start when ou use the wrong ky for the cert.
I see, I don't have the original key (I've only saved the crt), so I can't reuse my existing cert without it. Thank you Till! I know what to do from here. Thanks again.
