M*I*B
-
Joined: 05 Dec 2019
Posts: 33
Location: Germany
|
 Posted: Thu Dec 05, 2019 9:51 am Post subject: sslforfree migration or new? |
 |
|
Geetings from germany,
I'm new here and I'm on my way to get on your nerves in the future ;o) And I'm also not a native english speaker. So be gentle with me and my ugly and sometimes funny english ^^
Background:
I've had a VPS at HostEurope for a little over 20 years now. But due to the fact that HE obviously does not value long-term customers, I moved to AlfaHosting two days ago and rent a very good WIN Server 2016 Datacenter VPS. In that context, I decided to bring my previously preferred applications up to date. So I had the current MariaDB, the last PHP 7.3.x (7.4 makes trouble), the current Apache 2.4 and the current hMail installed. Everything worked fine after importing the data from the old server, except the Apache! The previously under 2.2 functional configurations did not work anymore and I did not manage to get it working properly even after two days and nights.
That's why I was looking for something else and after about two hours of playing around with the trial, I finally acquired an X2 license; I should have done that much earlier; o)
Questions:
So far, I have almost exclusively used sslforfree for wildcard domains. Somewhat dissipative is the fact that you can not really automate this under Windows. Shortly before expiration, it is always necessary to extend the certificate and to manually change the respective TXT entries in the name server in the hope that the NS will also update it promptly.
And now I finally come to my questions:
I get a total of three files from sslforfree. Once the certificate itself (certificate.crt), the key file (private.key) and the chaining file (ca_bundle.crt). In Apache, these are simply inserted into the CONF file for the corresponding domain. That's one of the reasons why I've never really dealt with what file is for what; I just do not know it.
I inserted and imported the contents of the private.key in the field "Key contend", then inserted the contents of certificate.crt in the field "Main Certificate" elsewhere, the contents of the file ca_bundle.crt in the field "CA Root Certificate ". For the field "Intermediate Certificate" I had nothing and therefore left it blank.
Is that right up to here, or have I screwed up ?!
Then I filled out the data for the domain under "Certificate Signing Request" and specified the domains in the corresponding field as I did when generating the certificate at sslforfree, for example in the form "domain1.tld, * .domain1.tld, domain2.tld, * .domain2.tld "
Is that also right up to here, or have I screwed up (again)?!
I'm not shure if that thing work with wildcards this way. And then? Is that all, so that the certificate is extended automatically? I can not imagine that...
BTW: I'm missing a HowTo with pictures (for people like me) about this importand thing ... |
|
admin
Site Admin
Joined: 03 Mar 2002
Posts: 1313
|
| Posted: Mon Dec 09, 2019 11:51 am Post subject: Re: sslforfree migration or new? |
|
|
M*I*B,
sslforfree is just a front end for Let's Encrypt. Why bothering importing and managing the certificates manually when Abyss Web Server can do that for your on an almost semi-automated fashion (because of wildcards - if not for wildcards, this would have been fully automated)?
We suggest checking https://aprelium.com/abyssws/articles/using-acme-cert.html which explains how to get certificates from Let's Encrypt automatically.
If you host has a wildcard in its host name, the ACME Bot of Abyss Web Server will let you know how to update the TXT record and when to request a check for validation by Let's Encrypt servers. The delivery and installation of the certificate will then be done automatically for you.
_________________
Follow @abyssws on Twitter
Subscribe to our newsletter
_________________
Forum Administrator
Aprelium - https://aprelium.com |
|
