This is a general questions, I was installing ISPconfig on Centos, then Ubuntu. When it gets to the SSL portion I am confused. Is the key generated needing a password and are there any security issues related to this? The guides have the instructions but nothing in the way of if a password should or should not be used.... Is this key for the server itself and should I regenerate this if the hostname changes? Should I change it if this server is redistributed vi VMWARE? Is this SSL key related at all to the SSL's of the domain email account or webpages, IE I wanted to use some verisigned keys instead of just by the server or CACERT. Thanks for all the help. Joe
Don't encrypt the keys! http://www.ispconfig.org/manual_installation.htm The certificate is only for the ISPConfig web interface (if you choose to use HTTPS instead of HTTP later during the installation) and therefore has no effect on your web sites.
Thanks for the reply, My question now is why in the perfect installation of CENTOS and UBUNTU are the following instructions added. If ISPCONFIG handles this SSL communication, then why go through this process. Thanks!!! Joe mkdir /etc/postfix/ssl cd /etc/postfix/ssl/ openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024 chmod 600 smtpd.key openssl req -new -key smtpd.key -out smtpd.csr openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt openssl rsa -in smtpd.key -out smtpd.key.unencrypted mv -f smtpd.key.unencrypted smtpd.key openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
These instructions are for creating the SSL certidicates for postfix mailserver and not for the ISPConfig apache webserver on port 81.
