Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Linux version 2.6.29.1-desktop586-4mnb (herton@n2.mandriva.com) (gcc version 4.3.2 (GCC) )
Posts: 20
Rep:
Can SSL Certificates be the same
I have a Server with Webmin, Usermin and Sendmail using pop3s. I have created a seft signed certificate using webmin. Exported it and imported it to the trusted root certification authorities on my client. This fixes the warning message from internet explorer when attempting making a ssl connection to webmin. When attempting to use usermin or retrieving mail I get that warning that this site's certificate is self signed. I look at the certificate and its not the same as the one I created with webmin. My question is. Is possible to have the same certificate be used by each?
Yeah, that's fine, it's the hostname that needs to match the certificate, so using over pop3s, https etc, it doesn't make any difference, as long as the cert is a proper server certificate like yours certainly appears to be.
Distribution: Linux version 2.6.29.1-desktop586-4mnb (herton@n2.mandriva.com) (gcc version 4.3.2 (GCC) )
Posts: 20
Original Poster
Rep:
Thanks for you response and you're right about the hostname because I noticed that using www.hostname.com works and hostname.com doesn't. I guest I should have created the cert with a wildcard (ie *.hostname.com) but that's another matter I'll look into.
I also discovered that webmin uses the cert located in /etc/webmin/miniserv.pem and usemin uses a cert located in /etc/usermin/miniserv.pem
I initialy re-configured usermin to use the webmin cert but changed it back and copied /etc/webmin/miniserv.pem to /etc/usermin/miniserv.pem to keep the default usermin ssl configuration.
So I have one cert on my client and my client can now connect and access webmin and usermin with out any warnings about certificates. But I still get the warning when using Outlook to check mail on my sendmail server using pop3s .. So the million dollar question is where does pop3s daemon look for its certificate?
Hmm, well wu has a pretty poor reputation, and I'm not familiar with it's config any more. I'd recommend dovecot personally, which also has a very clear config file to point to the certificate and CA certs.
Distribution: Linux version 2.6.29.1-desktop586-4mnb (herton@n2.mandriva.com) (gcc version 4.3.2 (GCC) )
Posts: 20
Original Poster
Rep:
Thanks, I believe I figured it out. The certiticate is stored in /etc/ssl/imap folder. Because this server is mail.hostname.com and not www.hostname.com as you mentioned before about hostnames; I created another cert by using openssl reg -new -x509 -nodes -out ipop3sd.pem -keyout ipop3sd.pem -days 3650
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.