Results 1 to 5 of 5

Thread: Replacing self signed SSL with new CA Signed SSL

  1. #1
    Join Date
    May 2008
    Location
    Saint Louis
    Beans
    50
    Distro
    Ubuntu 12.04 Precise Pangolin

    Replacing self signed SSL with new CA Signed SSL

    I recently deployed a secure email server on my server at home and in that process I applied a new SSL certificate to the mail server. I already had a self signed certificate in place for my website, but I'd like to delete that and put the new SSL in place since it's not self signed.

    The email server tut I used was arstechnica from last month

    So my question is how do I remove the self signed certificate and use the new certificate OR can I even do that?
    do I need to generate an additional cert for the website?

    When I visit startssl.com and retrieve the certificate, it says it is for mail.mydomain.com (Server - Class 1 - 2015-04-25)
    _whitty saying

  2. #2
    Join Date
    May 2008
    Location
    Saint Louis
    Beans
    50
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Replacing self signed SSL with new CA Signed SSL

    anything?
    _whitty saying

  3. #3
    Join Date
    Nov 2008
    Location
    Storybrooke
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: Replacing self signed SSL with new CA Signed SSL

    Hi, what webserver are you using?
    Can you post the configuration of the virtual host you are using?
    Ubuntu Forums Moderation Staff
    Okay then. We're relying on mirror dust and fairies but now we have a plan which is progress - Emma

  4. #4
    Join Date
    May 2008
    Location
    Saint Louis
    Beans
    50
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Replacing self signed SSL with new CA Signed SSL

    I am using Apache webserver

    Code:
    <VirtualHost *:443>
         ServerName SERVER NAME
         ServerAlias www.MYDOMAIN.com
         ServerAdmin webmaster@MYDOMAIN.com
         RewriteEngine On
         SSLEngine On
         SSLCertificateFile /etc/ssl/crt/apache-cert.pem
         SSLCertificateKeyFile /etc/ssl/key/apache-key.pem
         DocumentRoot /var/www/MYDOMAIN.com/owncloud/
         <Directory />
            Options FollowSymLinks
            AllowOverride All
         </Directory>
         ErrorLog /var/www/MYDOMAIN.com/logs/error.log
         CustomLog /var/www/MYDOMAIN.com/logs/access.log combined
    </VirtualHost>
    _whitty saying

  5. #5
    Join Date
    May 2008
    Location
    Saint Louis
    Beans
    50
    Distro
    Ubuntu 12.04 Precise Pangolin

    Cool Re: Replacing self signed SSL with new CA Signed SSL

    After my last reply, I realized that I only need to point the virtual host to the new SSL cert and key. Even though the cert is issued to mail.mydomain.com it still includes my top level domain. I did have to import the cert to my desktop browser, but it worked, whereas before with the self signed cert it was never trusted.
    _whitty saying

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •