Line 5: |
Line 5: |
| === Maintainer === | | === Maintainer === |
| [mailto:stephdl@de-labrusse.fr stephdl] Stéphane de Labrusse AKA [[User:stephdl|Stephdl]]<br /> | | [mailto:stephdl@de-labrusse.fr stephdl] Stéphane de Labrusse AKA [[User:stephdl|Stephdl]]<br /> |
| + | |
| + | |
| + | === Version === |
| + | {{ #smeversion: smeserver-certificate}} |
| | | |
| === Description === | | === Description === |
− | This contribution for smeserver adds a paner in the server-manager in order to save the certificate, the secret key and eventually the intermediate certificate if needed without the use of the command line interface. | + | This contribution for smeserver adds a panel in the server-manager in order to save the certificate, the secret key and eventually the intermediate certificate if needed without the use of the command line interface. |
| | | |
| see that [[Certificates_Concepts|wiki page]] for more informations on how to set it manually | | see that [[Certificates_Concepts|wiki page]] for more informations on how to set it manually |
Line 27: |
Line 31: |
| | | |
| You will need to answer to many questions, think about it before you type. | | You will need to answer to many questions, think about it before you type. |
− |
| |
− | === Requirements ===
| |
− | You need to enable the [[stephdl]] repository
| |
| | | |
| === Installation === | | === Installation === |
| + | * for sme10 |
| + | yum install smeserver-certificate --enablerepo=smecontribs |
| | | |
− | Remember to first configure the required [[stephdl]] repository, then issue the following command on the SME Server shell:
| + | [[File:Certificate-management.png|x300px]] |
− | | |
− | yum install smeserver-certificate --enablerepo=stephdl
| |
− | | |
− | The 'official' way is to perform
| |
− | | |
− | signal-event post-upgrade; signal-event reboot
| |
− | | |
− | but if you don't want to reboot your server, do
| |
− | | |
− | signal-event console-save
| |
| | | |
| Go to the manage ssl certificate panel on Server Manager and past and save your full server.crt and full server.key (included '''-----BEGIN CERTIFICATE-----/-----END CERTIFICATE-----''' and '''-----BEGIN RSA PRIVATE KEY-----/-----END RSA PRIVATE KEY-----'''). | | Go to the manage ssl certificate panel on Server Manager and past and save your full server.crt and full server.key (included '''-----BEGIN CERTIFICATE-----/-----END CERTIFICATE-----''' and '''-----BEGIN RSA PRIVATE KEY-----/-----END RSA PRIVATE KEY-----'''). |
Line 49: |
Line 42: |
| There is also the possibility of needing a custom certificate from an [http://en.wikipedia.org/wiki/Intermediate_certificate_authorities Intermediate Certificate Authority]. If this is the case you'll get an additional CA certificate and you need to past into the box called 'SSL intermediate chain certificate' | | There is also the possibility of needing a custom certificate from an [http://en.wikipedia.org/wiki/Intermediate_certificate_authorities Intermediate Certificate Authority]. If this is the case you'll get an additional CA certificate and you need to past into the box called 'SSL intermediate chain certificate' |
| | | |
| + | '''Remember''' |
| + | |
| + | * Each time you press Save, the web server is restarted so you may need to load again the page (F5 or ctrl+F5) and look about the SSL certificate displayed by your browser |
| * If you want to get back to the default SME Server certificates, simply blank all the contents and press save. | | * If you want to get back to the default SME Server certificates, simply blank all the contents and press save. |
| * If you set wrong certificates, the server Web may crash. You will have to do a command line in a root Terminal to get back to the default certificate : | | * If you set wrong certificates, the server Web may crash. You will have to do a command line in a root Terminal to get back to the default certificate : |
Line 55: |
Line 51: |
| | | |
| The bad certificates are not removed, but simply not used, then you can go back to the panel and see what is occurring with wrong certificates. | | The bad certificates are not removed, but simply not used, then you can go back to the panel and see what is occurring with wrong certificates. |
| + | |
| + | === Testing === |
| + | |
| + | Here is a website you can use to test your certificates/server: |
| + | |
| + | https://www.ssllabs.com/ssltest |
| | | |
| === Uninstall === | | === Uninstall === |
Line 60: |
Line 62: |
| | | |
| === Bugs === | | === Bugs === |
− | For now there is no entry on bugzilla, please direct your issue to [mailto:stephdl@de-labrusse.fr stephdl] Stéphane de Labrusse AKA [[User:stephdl|Stephdl]]<br />
| + | Please raise bugs under the SME-Contribs section in {{BugzillaFileBug|product=|component=|title=bugzilla}}and select the smeserver-certificate component or use {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-certificate|title=this link}}. |
| + | {{#bugzilla:columns=id,product,version,status,summary |sort=id |order=desc |component=smeserver-certificate |noresultsmessage="No open bugs found."}} |
| + | |
| + | |
| + | ===Changelog=== |
| + | Only released version in smecontrib are listed here. |
| + | |
| + | {{ #smechangelog: smeserver-certificate}} |
| + | |
| | | |
| [[Category: Contrib]] | | [[Category: Contrib]] |
| + | [[Category:Administration:Certificates]] |