5,576
edits
Changes
From SME Server
Jump to navigationJump to search→Command-Line Quick Reference Guide
Line 94:
Line 94:
/etc/init.d/httpd restart
/etc/init.d/httpd restart
+
+==Certificates==
+see http://wiki.contribs.org/Certificates_Concepts
+===How to change your certificate===
+
+Since SME version 7.1.3, the functionality to configure a Common Name in the certificate is included in the main SME packages and can be configured as follows:
+
+ config setprop modSSL CommonName www.domain.com
+ expand-template /home/e-smith/ssl.crt/crt
+ expand-template /home/e-smith/ssl.key/key
+ signal-event domain-modify
+ signal-event email-update
+
+see this forum thread [http://forums.contribs.org/index.php?topic=33109.15] and bug report [http://bugs.contribs.org/show_bug.cgi?id=1689]
+
+===How to set expiration time===
+
+The SME self signed certificate is valid for one year, and is automatically renewed on the anniversary of the installation date of the SME server OS.
+To specify how long your SME certificate will last for, do the following:
+
+ cp /etc/e-smith/templates/home/e-smith/ssl.crt /etc/e-smith/templates-custom/home/e-smith/ssl.crt
+ nano -w /etc/e-smith/templates-custom/home/e-smith/ssl.crt
+
+change the value for KEYLIFEINDAYS on the first line to the number of days the certificate will remain valid for eg 1826 for 5 years.
+
+Save & exit by pressing the following keys at the same time
+ ctrl o
+ ctrl x
+
+Create a new self signed certificate, with the longer validity period. Replace the filenames below with the correct file/key names applicable to your server.
+ rm /home/e-smith/ssl.crt/servername.domain.com.crt
+ rm /home/e-smith/ssl.key/servername.domain.com.key
+ rm /home/e-smith/ssl.pem/servername.domain.com.pem
+ signal-event post-upgrade
+ signal-event reboot
+
+Install the new certificate into your browser.
+
+Also see http://wiki.contribs.org/Certificates_Concepts
+
==Command-Line Quick Reference Guide==
==Command-Line Quick Reference Guide==
