1

Topic: Adding a SSL Cert from GeoTrust

==== Required information ====
- iRedMail version: Pro
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: Centos
- Related log if you're reporting an issue:
====

Hi there,

We are currently in need of applying a SSL cert from www.geotrust.com due to monitoring / testing needs. i have tried using their configuration with no results. (httpd was restarted and would not come back up). we are pretty urgent on this and need it running. can anyone advise? or tell me what i need to change or modify?

Thanks for your time,
Matt

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Adding a SSL Cert from GeoTrust

if you let us know what exactly is your problem and what you are did maybe i can help

Regards GaXy

3 (edited by matthew.taylor 2013-11-13 06:23:33)

Re: Adding a SSL Cert from GeoTrust

gaxy wrote:

if you let us know what exactly is your problem and what you are did maybe i can help

Regards GaXy


when applying the certificate as stated on the GeoTrust website (after generating keys etc). the issue is i cant apply the .crt and .key files involved in the SSL certification. when i apply them as stated and restart /etc/init.d/httpd restart it fails. What i am in need of help with is applying a valid SSL certificate.

Thanks for your response and sorry if i am not giving enough information, i am not 100% on how this all works and am in need of a hand.

Matt

4

Re: Adding a SSL Cert from GeoTrust

Hi,

The default build for iRedMail installed my keys in the following directories on Centos:

Private Key: /etc/pki/tls/private/iRedMail.key
Certificate File : /etc/pki/tls/certs/iRedMail_CA.pem

What I did was cp the original files to backup rename my PK and Cert to the same name as default, added the path for chained, restarted everything and all worked.

ChainedCA: /etc/pki/tls/certs/dvca.crt

Hope this helps

5

Re: Adding a SSL Cert from GeoTrust

chris wrote:

Hi,

The default build for iRedMail installed my keys in the following directories on Centos:

Private Key: /etc/pki/tls/private/iRedMail.key
Certificate File : /etc/pki/tls/certs/iRedMail_CA.pem

What I did was cp the original files to backup rename my PK and Cert to the same name as default, added the path for chained, restarted everything and all worked.

ChainedCA: /etc/pki/tls/certs/dvca.crt

Hope this helps

Hi Chris, this is exactly the information i was after, Could you confirm to me exactly where you added that path for the ChainedCA? and i take it that this relates to a intermediate.crt?

thanks for your response.

Matt

6

Re: Adding a SSL Cert from GeoTrust

Hi Matt,

In /etc/httpd/conf.d/ssl.conf i added at the bottom of the file above </VirtualHost>

SSLCACertificateFile /etc/pki/tls/certs/dvca.crt

and added ssl_ca_file = /etc/pki/tls/certs/dvca.crt to dovecot.conf

Regards
Chris...