Information
Photography
Syndicate This Blog
Tuesday, May 4. 2010
Apache SSL and Combined Certificates
Current versions of Apache HTTP Server support SSL certificates and keys all in one file; it is no longer required to separate them. Point
This may not be desirable if you wish to have the certificate publicly available somewhere like
SSLCertificateFile at the combined file (commonly .pem) and comment out or omit SSLCertificateKeyFile. This may not be desirable if you wish to have the certificate publicly available somewhere like
/etc/ssl/certs/, available on the web for verification, or use the certificate for other applications for that domain (it's important to keep the key, and thus the combined file, private). In many common cases certificates are only used for an SSL secured web server, however.
Saturday, May 1. 2010
Zimbra 32bit to 64bit Certificate Issue
When upgrading from 32 to 64 bit Zimbra, I could not get the zimbra mailbox (mailboxd) to start. It turned out to be a set of borked certificates. Do yourself a favor if you have this problem and just do this:
Then re-deploy your certificates using the gui admin interface after restarting Zimbra.
mv /opt/zimbra/mailboxd/etc/keystore /opt/zimbra/mailboxd/etc/keystore.borked
sudo /opt/zimbra/bin/zmcertmgr deploycrt self
Then re-deploy your certificates using the gui admin interface after restarting Zimbra.
Continue reading "Zimbra 32bit to 64bit Certificate Issue"