I need to copy my existing certificate to Dovecot & Postfix. Seems to be pretty straightforward, however here is the problem. In Virtualmin, the Server COnfiguration -> Manage SSL Certificate shows the location of the certificates as follows:
SSL certificate file /home/website/ssl.cert
SSL private key file /home/website/ssl.key
Certificate type Self-signed
I don’t see how to change these locations, and I do not want to use the “copy” function to copy the wrong certs.
The actual certificate files are not Self-Signed, they are from Thawte and are located here:
The correct locations are also shown here: Services -> Configure Website for SSL -> SSL Options - which are the locations listed in /etc/httpd/conf/httpd.conf
How can I correctly install the SSL certs so that they are used by Dovecot & Postfix?
Hmm, did you by chance manually add those SSL certs into Apache, rather than using Virtualmin to do so?
It sounds like Virtualmin is a little confused as to which SSL certificates are being used at the moment.
Let us know what steps you used to add your SSL cert into Apache… that’ll help us figure out what we’ll need to go in order to get Virtualmin to understand which SSL cert your site is using.
Yes, you are correct, this was originally done manually. Here is what I did:
- openssl genrsa -out www.website.com.key 2048
- openssl req -new -key www.website.com.key -out www.website.com.csr
- Paste the CSR in the online order form.
- Got the CRT file back, put it here /etc/httpd/conf/ssl.crt/www.website.com.crt
- Put the KEY file here /etc/httpd/conf/ssl.key/www.website.com.key
- Installed intermediate certs in /etc/httpd/conf/ssl.crt/cabundle.crt
- These lines are in /etc/httpd/conf/httpd.conf:
- Restarted with: /sbin/service httpd restart
Thanks for your help.
Aha, I see!
So, that SSL certificate may not be associated with any particular Virtual Server, which may explain why Virtualmin isn’t seeing them.
If you’d like to associate them with a Virtual Server – what you can do is go into Server Configuration -> Manage SSL Certificate, and add your cert/key in the “New Certificate” tab, and your cabundle in the CA Certificate tab.
Virtualmin will then place a copy of your SSL cert into that user’s home directory.
Also, when you hit the “Copy To” buttons, it will copy the correct SSL cert out to your other services.
OK, SSL certificate installed correctly per your advice. And, I did the “Copy To” for Dovecot and Postfix.
Working fine now - thanks for your help.