Hey guys! Long time no see! I need assistance regarding SSL Certificates. I followed the ISPConfig 2 setup on Debian by Falko exactly, except for the hostname part. The hostname was supposed to be www according to Falko's tutorial, that's the only thing I didn't do exactly as instructed. Instead I made the hostname chronikal, instead of www...however I still use http://www.mysite.com:81 for the ISPConfig panel. Previously, I had purchased a RapidSSL certificate which has expired. I had done everything as instructed and still got warnings in Internet Explorer saying "Certificate Mismatch" or something of the sort. I am about to buy a new SSL Cert through Globalsign, ya know the expensive ass SSL certs, and I want to get it right. I know the 3 lines to regenerate the OpenSSL cert, however my question is, can i have a machine with the fully qualified domain name of: chronikal.mysite.org On the linux server, and still use vhosts to send people to: https://www.mysite.com:81 - to access the the admin panel. Do I have to change my hostname on my linux server to "www" or can I get the certificate to be valid, and not show the "mismatch error" as is. Falko, Till, & all the others who have been so cool to share knowledge in the past, much respect to you! Long live the ISPConfig krew! Lemme know! Thanks fellas!
Previously, I had purchased a RapidSSL certificate which has expired. << so did you previously successfully used the RapidSSL certificate on your server with the hostname "chronikal.mysite.org" ?
SSL help Yes, well sort of. I generated the certificate using "www.mysite.com" instead of the server hostname chronikal.mysite.com which was used during the ispconfig 2 install. Does the FIRST web used while installing ispconfig have to be used for SSL certs? I'm not educated when it comes to SSL stuff so thanks for your help. I installed ISPConfig 2 when i was using Debian Etch 4.0 and Postfix was not in the repository then. It is now with Debian Lenny 5.0 and can be installed with apt-get/synaptic whatever. ALSO: The 365 day SSL cert has expired. When I tried the steps for regenerating a new certificate: Code: openssl genrsa -des3 -passout pass:password -out /root/ispconfig/httpd/conf/ssl.key/server.key2 1024 openssl req -new -passin pass:password -passout pass:password -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.csr/server.csr -days 3650 openssl req -x509 -passin pass:password -passout pass:password -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -in /root/ispconfig/httpd/conf/ssl.csr/server.csr -out /root/ispconfig/httpd/conf/ssl.crt/server.crt -days 3650 I was unable to send mail period with webmail. I had done this last year on my laptop & it had hardware failure so i didnt get to save all of my notes on what i did 365 days ago unfortunately. Thanks for ur advice in advanced, let me know what i must do to just regenerate the OpenSSL certificate so i am still able to send mail with the ispconfig roundcube pkg! I will figure out buying a new SSL cert with my ispconfig port 81 ssl cert later. -kextra1
found ya haha hey cuz, figured i'd find you on howtoforge after that call ltns BTW, did you try this: Code: chmod 400 /root/ispconfig/httpd/conf/ssl.key/server.key /etc/init.d/ispconfig_server restart after the code you entered in the message above?
