Servername with PAID SSL, letsencryot for other domain

C

chispita

New member
Joined
Jul 22, 2017
Messages
1
Hi guys I'm having this issue.

  • Centos 5 + Directadmin 2.0 + letsencrypt installed
  • 7 domains with letsencrypt successfully installed.
  • Browsers says NET::ERR_CERT_AUTHORITY_INVALID for this 7 domains

SSL labs says:

Subject Internet Widgits Pty Ltd( O)
Fingerprint SHA256: f588a28099085ebecc9decd8edcad4d5feaff42324576d523254884dc5b3be51
Pin SHA256: xv4b+RhKjStN+7T68gFzDV9aIOdRlYOHsTPuvmWFpmM=
Common names -
Alternative names - INVALID
Serial Number 00a3e21297bf12ac49
Valid from Mon, 07 Jul 2014 18:24:09 UTC
Valid until Sat, 26 Feb 2039 18:24:09 UTC (expires in 21 years and 7 months)
Key RSA 2048 bits (e 65537)
Weak key (Debian) No
Issuer Internet Widgits Pty Ltd Self-signed
Signature algorithm SHA1withRSA INSECURE
Extended Validation No
Certificate Transparency No
OCSP Must Staple No
Revocation information None
DNS CAA No (more info)
Trusted No NOT TRUSTED

I don't know where the problem is, if I have to buy a new IP for SSL at each domain or should config directadmin.conf just like says this post:
https://help.directadmin.com/item.php?id=629
Because the domain that serves as servername has a paid SSL at globaltrust, not a let's encrypt

How should I config my directadmin.conf to work with paid ssl and letsencrypt for the others?

Thanks!
 
CentOS 5 has an OpenSSL version that doesn't support SNI. If you don't have SNI, you will require each SSL domain to be on it's own IP.

You should really upgrade to CentOS 7, as CentOS 5 is end-of-life and no longer receiving updates.
 
You must log in or register to reply here.
Back
Top