problem creating a self-signed certificate

amerce

I can't make my own custom SSL certificate for a domain, n1 can help? It just doesn't replace it with the old one (snake oil).

tnx in advance.
 
Are you an admin or end user?
Is your IP shared or owned?
Are you changing the server's certificate or your own?
Is it giving you any errors?

Also note that it may take up to 1 minute for Apache to restart.
When viewing new certificates, always close all browsers and then start over to view the https page so that your browser gets the new one (vs the old cached snakeoil).

John
 
DirectAdmin Support said:
Are you an admin or end user?
I'm an admin and change it as user.

Is your IP shared or owned?
It's a shared IP where 10 sites are running on.

Are you changing the server's certificate or your own?
I'm not trying to change the server's certificate but my own.

Is it giving you any errors?
I don't get errors, it says that the new certificate was successfully installed.


Also note that it may take up to 1 minute for Apache to restart.
When viewing new certificates, always close all browsers and then start over to view the https page so that your browser gets the new one (vs the old cached snakeoil).
Done this.

John


grtz
 
He's logged in as Admin, and thus he wants to generate a shared server certificate for Apache.
DA says:
"Certificate and Key Saved!"
Though checking /etc/httpd/conf/ssl.* shows the dummy snakeoil cert still there.
 
Hello,

Did the certificate change when created? Try closing all browsers and starting again before viewing the page.

If the main httpd.conf has been changed, you can double check that the ssl certificates all point to /etc/httpd/conf/ssl.crt/server.crt in the /etc/httpd/conf/httpd.conf file.

John
 
Read what I'm saying please. I'm not talking about viewing any pages. The shared server certificate for the httpd sits in /etc/httpd/conf/ssl.*.
The default installed ssl certificate is a dummy one. I'm clear so far?
When I log in as an admin user, go to user settings, ssl settings, and generate a new self signed certificate, no matter when I select a pre-generated one or generate one myself, it says "Certificate and Key Saved!". But the certificates in /etc/httpd/conf/ssl.* _do not get updated_.
_NOTHING_ happens. Please read this carefully before you reply, since we ain't getting any further like this.
 
There is no directory "domains" in /usr/local/directadmin/data/admin.

[22:08]root@black[/usr/local/directadmin/data/admin]# ls -l | grep domains
[22:09]root@black[/usr/local/directadmin/data/admin]#

I'm talking about a global shared server certificate here, which should be in the /etc/httpd/conf/ssl.* dirs right?

I never give root to anyone I haven't seen naked. ;) Besides, root login is, duh, disabled so I'd have to create you a wheel user. And I just won't give strangers access to my machines.

Perhaps I'm just acting blonde, but how exactly do I create a shared certificate? One that's used for ALL domains on the machine except when specified else.
 
Hello,

There is no directory "domains" in /usr/local/directadmin/data/admin.
Correct, that's because it's in: /usr/local/directadmin/data/users/admin

However, it should be creating the shared certificate and key in /etc/httpd/conf/ssl.crt/server.crt and /etc/httpd/conf/ssl.key/server.key when you create/paste a signed certificate as admin through the ssl section in the User Panel.

I'm not sure why it's not working for you, but you are in no way obligated to send your root info if you don't want to :)

As a last resort, you could always just do it manually using openssl.

John
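
The check this thread keeps circling (did the files on disk change, does the key match, and is Apache serving the new certificate), plus the manual openssl fallback John mentions, as an added example that is not part of the original posts and not DirectAdmin's own code. The server.crt and server.key paths are the ones named in the thread; the function names and the hostname in the usage comments are illustrative assumptions.

```shell
#!/bin/sh
# Added example: helper functions for checking an Apache certificate from a root shell.

# SHA-256 fingerprint of a PEM certificate file; compare before and after saving in the panel.
cert_fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# Succeeds only if the private key ($2) belongs to the certificate ($1).
key_matches_cert() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey)
    key_pub=$(openssl pkey -in "$2" -pubout)
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Succeeds if subject and issuer are identical, i.e. the certificate is self-signed.
is_self_signed() {
    subj=$(openssl x509 -in "$1" -noout -subject | sed 's/^subject= *//')
    iss=$(openssl x509 -in "$1" -noout -issuer | sed 's/^issuer= *//')
    [ -n "$subj" ] && [ "$subj" = "$iss" ]
}

# Fingerprint of what the web server actually presents, bypassing any browser cache.
# $1 = hostname (also sent as SNI), $2 = port (default 443).
served_fingerprint() {
    openssl s_client -connect "$1:${2:-443}" -servername "$1" </dev/null 2>/dev/null |
        openssl x509 -noout -fingerprint -sha256 | cut -d= -f2
}

# Manual fallback: create a self-signed certificate and an unencrypted key.
# $1 = common name, $2 = cert output path, $3 = key output path, $4 = days (default 365).
make_self_signed() {
    ( umask 077   # key file must not be readable by other users
      openssl req -x509 -newkey rsa:2048 -nodes -sha256 \
          -subj "/CN=$1" -days "${4:-365}" -keyout "$3" -out "$2" ) 2>/dev/null
}

# Usage on the server from the thread (as root):
#   cert_fingerprint /etc/httpd/conf/ssl.crt/server.crt
#   key_matches_cert /etc/httpd/conf/ssl.crt/server.crt /etc/httpd/conf/ssl.key/server.key
#   served_fingerprint www.example.test      # hypothetical hostname
```

If `cert_fingerprint` is unchanged after the panel reports success, the files were never rewritten; if it changed but `served_fingerprint` still shows the old value, Apache has not reloaded or a vhost points at a different certificate file.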
 
Whoops. Though there's no "admin" dir either.
[23:12]root@black[/usr/local/directadmin/data/users]# cd admin
admin: No such file or directory.

Yeah of course I can do that (just creating it from the commandline), but we're not talking about me here, not everyone knows how to/wants to do it that way. DA is installed so that users don't have to use any shell commands.
 
Because DA installs on top of your own OS install, there's always the possibility DA will not be able to do something correctly.

John has already offered to log into your system and check to see what's wrong.

Experience reading the forums shows us that John will find what's wrong, fix it, and explain it for the forum archives.

Since, as you say, this may be an important issue for a lot of users in the future, I hope you'll let him log in and find the problem so he can fix it for all of us.

Jeff
 