Snake Oil

[hostpc.com]

E = [email protected]
CN = Snake Oil CA
OU = Certificate Authority
O = Snake Oil, Ltd
L = Snake Town
S = Snake Desert
C = XY

Thats showing as the default certificate in DA, with an expiration date of 10/20/2001.

Is there (I'm sure there is, but how) a way to change this ? Do we (should we) have a cert for every server?

Thanks

 

[DirectAdmin Support]

Hello,

This is from the directadmin.com/installguide.html file:

openssl req -new -x509 -keyout /usr/local/directadmin/conf/cakey.pem.tmp -out /usr/local/directadmin/conf/cacert.pem
openssl rsa -in /usr/local/directadmin/conf/cakey.pem.tmp -out /usr/local/directadmin/conf/cakey.pem
rm /usr/local/directadmin/conf/cakey.pem.tmp
chown diradmin:diradmin /usr/local/directadmin/conf/cakey.pem
chmod 400 /usr/local/directadmin/conf/cakey.pem

As for having different certificates.. it's up to you. To me, the main reason to use them is to encrypt the data as is moves between points. I'm not as worried about if the certificate is valid or not, because the data is encrypted either way. It does look more professional to have valid certificates, but not a requirement.

John

 

[lnguyen]

is there any way to change the valid dates? for the certificate?

 

[toml]

is there any way to change the valid dates? for the certificate?

You need to generate a new certificate and that is exactly what John is doing above.

 

[lnguyen]

the first time i did this, it was only a 30 day certificate. if you add the "-days ###" after the first line, you can set it for whatever you want.