624
edits
Changes
Jump to navigation
Jump to search
mLine 1:
Line 1: − + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Line 66:
Line 109: − Have much fun with your own certificate ! − − ''Dietmar Berteld (berdie)'' − − =Custom Certificate for SME 7.1.3 and above= − − you only need to do this as the functionality has been added into the main SME packages: − − config setprop modSSL CommonName www.domain.com − expand-template /home/e-smith/ssl.crt/crt − expand-template /home/e-smith/ssl.key/key − signal-event domain-modify − signal-event email-update − − see [http://forums.contribs.org/index.php?topic=33109.15] and [http://bugs.contribs.org/show_bug.cgi?id=1689] − − ''Unnilennium'' − + +
added mkdir command
{{Languages}}
{{Languages}}
=Custom Certificate for SME 7.x=
=Custom Certificate for SME 7.1.3 and above versions=
{{Tip box| The Certificate concept on SME Server is a large topic that you can learn in this dedicated [[Certificates_Concepts|wiki page]]}}
===How to change your certificate===
Since SME version 7.1.3, the functionality to configure a Common Name in the certificate is included in the main SME packages and can be configured as follows:
config setprop modSSL CommonName www.domain.com
expand-template /home/e-smith/ssl.key/key
expand-template /home/e-smith/ssl.crt/crt
signal-event domain-modify
signal-event email-update
see this forum thread [http://forums.contribs.org/index.php?topic=33109.15] and bug report [http://bugs.contribs.org/show_bug.cgi?id=1689]
==How to set expiration time==
The SME self signed certificate is valid for one year, and is automatically renewed on the anniversary of the installation date of the SME server OS.
To specify how long your SME certificate will last for, do the following:
mkdir -p /etc/e-smith/templates-custom/home/e-smith/
cp /etc/e-smith/templates/home/e-smith/ssl.crt /etc/e-smith/templates-custom/home/e-smith/ssl.crt
nano -w /etc/e-smith/templates-custom/home/e-smith/ssl.crt
change the value for KEYLIFEINDAYS on the first line to the number of days the certificate will remain valid for eg 1826 for 5 years.
Save & exit by pressing the following keys at the same time
ctrl o
ctrl x
Create a new self signed certificate, with the longer validity period. Replace the filenames below with the correct file/key names applicable to your server.
rm /home/e-smith/ssl.crt/servername.domain.com.crt
rm /home/e-smith/ssl.key/servername.domain.com.key
rm /home/e-smith/ssl.pem/servername.domain.com.pem
signal-event post-upgrade
signal-event reboot
Install the new certificate into your browser.
Also see http://wiki.contribs.org/Certificates_Concepts
=Custom Certificate for SME 7.0 to less than 7.1.3=
{{Warning box|The following Contrib has been obseleted by the inclusion of functionality in later SME versions (see above). You are advised to upgrade to the latest SME version and use the commands shown above to configure the Common Name.}}
==Maintainer==
==Maintainer==
----
----
[[Category: Contrib]]
[[Category: Howto]]
[[Category:Administration:Certificates]]