Using LE-certs also for hMail?!?

 
Post new topic   Reply to topic    Aprelium Forum Index -> SSL/Certificates
View previous topic :: View next topic  
Author Message
M*I*B
-


Joined: 05 Dec 2019
Posts: 33
Location: Germany

PostPosted: Mon Mar 23, 2020 12:26 pm    Post subject: Using LE-certs also for hMail?!? Reply with quote

Hello again...

is there a way to use the LE- certs that Abyss create also for hMail? Problem is that the name of the certs change while renew ...
_________________
DLzG
Micha
Back to top View user's profile Send private message
devastator82
-


Joined: 10 Mar 2006
Posts: 31
Location: Lithuania

PostPosted: Mon Mar 23, 2020 3:54 pm    Post subject: Reply with quote

Hello.
there are a post to export certificates:
https://aprelium.com/forum/viewtopic.php?t=523379
i used this post to configure my mail server.
Back to top View user's profile Send private message
M*I*B
-


Joined: 05 Dec 2019
Posts: 33
Location: Germany

PostPosted: Mon Mar 23, 2020 4:03 pm    Post subject: Reply with quote

... ty a lot. I will give it a try and will report the result here ...
_________________
DLzG
Micha
Back to top View user's profile Send private message
M*I*B
-


Joined: 05 Dec 2019
Posts: 33
Location: Germany

PostPosted: Mon Mar 23, 2020 8:33 pm    Post subject: Reply with quote

... nope, that doesn't work ...

If I go this way ...

Code:

hMail- Server -> SSL-Certs -> (any name) ...
  Certificate File = ...Abyss\kcstore\5e****a4.acme.crt
  Private Key File = ...Abyss\kcstore\5e****eb.key



... I can't connect to the MX anymore :(

I think that hMail need another type of Cert or any other is wrong with it. But at the moment I don't know to fix that ...

BTW:
The files I use are a real domain (Master) and also the MX running on this domain. I also use a global key file for all domains in Abyss so I only have one single key file. Every domain create an own acme.crt and I use definately the right one ...


EDIT say:
I have now create CertFiles at SSL4FREE and that works well. So it's what I have in mind before: The Fileformat or anything else with that out of Abyss don't work with hMailserver this way...
_________________
DLzG
Micha
Back to top View user's profile Send private message
admin
Site Admin


Joined: 03 Mar 2002
Posts: 1295

PostPosted: Tue Mar 24, 2020 2:45 pm    Post subject: Reply with quote

M*I*B wrote:
... nope, that doesn't work ...

If I go this way ...

Code:

hMail- Server -> SSL-Certs -> (any name) ...
  Certificate File = ...Abyss\kcstore\5e****a4.acme.crt
  Private Key File = ...Abyss\kcstore\5e****eb.key



The values for the parameters are not good at all. You are using the kcstore subdirectory which is "managed" by Abyss Web Server. This will cause a big mess in some situations.

Put there any other path on your hard drive in any directory (anything other than kcstore.)

Second seems to expect PEM certs and keys which are what Abyss Web Server outputs in these files. So there should be no problem.

Our recommendation is to not store the cert and key in kcstore but in another directory and correctly have hMailServer use these files. This should work fine.
_________________
Follow @abyssws on Twitter
Subscribe to our newsletter
_________________
Forum Administrator
Aprelium - https://aprelium.com
Back to top View user's profile Send private message
M*I*B
-


Joined: 05 Dec 2019
Posts: 33
Location: Germany

PostPosted: Tue Mar 24, 2020 3:06 pm    Post subject: Reply with quote

... nope ...

the hMailServer don't touch the files; just read it.
I also have copy the two files in the hMail- folder and use it. That also don't work.

It makes no difference whether I integrate the two files directly from the kstore into hMail or their copies in the hMail directory.
With the files generated by ssl4free, however, it worked right away ... But that I have to repeat 4th a year... Not the problem to let generate this, but I have to enter the callange-code in every DNS- entry... that takes an hour every time with much possibility of errors...
That's why I'm try to use the files from Abyss resp. LE due automatic ...just for the reason of my actions...


So there must be a difference between both methodes / files ...
_________________
DLzG
Micha
Back to top View user's profile Send private message
devastator82
-


Joined: 10 Mar 2006
Posts: 31
Location: Lithuania

PostPosted: Tue Mar 24, 2020 5:07 pm    Post subject: Reply with quote

M*I*B wrote:
... nope ...

the hMailServer don't touch the files; just read it.
I also have copy the two files in the hMail- folder and use it. That also don't work.

It makes no difference whether I integrate the two files directly from the kstore into hMail or their copies in the hMail directory.
With the files generated by ssl4free, however, it worked right away ... But that I have to repeat 4th a year... Not the problem to let generate this, but I have to enter the callange-code in every DNS- entry... that takes an hour every time with much possibility of errors...
That's why I'm try to use the files from Abyss resp. LE due automatic ...just for the reason of my actions...


So there must be a difference between both methodes / files ...


I have done as Admin said, and works for me.

Edit:
I have deleted default crts to re-download, after i set new directory in abyss web server configuration.
Back to top View user's profile Send private message
M*I*B
-


Joined: 05 Dec 2019
Posts: 33
Location: Germany

PostPosted: Tue Mar 24, 2020 5:12 pm    Post subject: Reply with quote

... hmmmm ... Why do that work at your side and not at my side?

I will do later a screenShot to prevent misunderstandings between us due my bad english...
_________________
DLzG
Micha
Back to top View user's profile Send private message
admin
Site Admin


Joined: 03 Mar 2002
Posts: 1295

PostPosted: Wed Apr 01, 2020 6:16 pm    Post subject: Reply with quote

M*I*B,

Please get in touch with us using our support email address for a faster exchange. Send us your abyss.conf file for review and let us know how hMailServer is configured and if it reports errors (or its log if any.)
_________________
Follow @abyssws on Twitter
Subscribe to our newsletter
_________________
Forum Administrator
Aprelium - https://aprelium.com
Back to top View user's profile Send private message
M*I*B
-


Joined: 05 Dec 2019
Posts: 33
Location: Germany

PostPosted: Sun Apr 05, 2020 9:40 pm    Post subject: Reply with quote

... that I will do next. Take a little time to recreate the config I have try without result ...
_________________
DLzG
Micha
Back to top View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Aprelium Forum Index -> SSL/Certificates All times are GMT + 1 Hour
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB phpBB Group