thoroughfare
Verified User
- Joined
- Aug 11, 2003
- Messages
- 543
Still not working
Matt
Matt
DirectAdmin Support said:Hello,
I'm not getting a popup for https://www.prohs.com:2222 ... maybe close all browsers before trying it again. And if something *was* working, then it probably doesn't need fixing
John
DirectAdmin Support said:Hello,
A certificate is only valid on the domain you bought it for. Ie: www.prohs.com. You will always get a popup on sub.prohs.com with a standard certificate.
John
DirectAdmin Support said:Hello,
They'd need to access it through the value that's in the certificate. (www.prohs.com). It would still be secure if the didn't, but they'd get the popup. You also might need to set the CA Root Certificate in your directadmin.conf file if you want to completely get rid of the popup:
carootcert=/path/to/carootcert
John
# openssl req -new -x509 -keyout /usr/local/directadmin/conf/cakey.pem.tmp \
-out /usr/local/directadmin/conf/cacert.pem
# openssl rsa -in /usr/local/directadmin/conf/cakey.pem.tmp \
-out /usr/local/directadmin/conf/cakey.pem
# rm /usr/local/directadmin/conf/cakey.pem.tmp
# chown diradmin:diradmin /usr/local/directadmin/conf/cakey.pem
# chmod 400 /usr/local/directadmin/conf/cakey.pem
# /usr/local/etc/rc.d/directadmin restart
Stopping DirectAdmin: [ OK ]
Starting DirectAdmin: [ OK ]
# chown diradmin:diradmin server.crt
# chown diradmin:diradmin server.key
# chmod 400 server.crt server.key
ProHS said:Did you buy a vaild certification from GeoTrust or someone like them?
service directadmin restart
-----BEGIN CERTIFICATE-----
.
.
.
.
.
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
.
.
.
.
.
-----END RSA PRIVATE KEY-----
DirectAdmin Support said:Hello,
apachecert and apachekey are used for the virtualhost directives for apaches httpd.conf files.. not DA. Only the cacert and cakey values actually have any merit for SSL connections with DA. You can change the path of the cacert and cakey to match the apache ones if you want, they should also be valid certificates.
John
apachecert=/etc/httpd/conf/ssl.crt/server.crt
apachekey=/etc/httpd/conf/ssl.key/server.key
cacert=/usr/local/directadmin/conf/cacert.pem
cakey=/usr/local/directadmin/conf/cakey.pem