| View previous topic :: View next topic |
| Author |
Message |
M*I*B
-
Joined: 05 Dec 2019
Posts: 33
Location: Germany
|
 Posted: Mon Mar 23, 2020 12:26 pm Post subject: Using LE-certs also for hMail?!? |
 |
|
Hello again...
is there a way to use the LE- certs that Abyss create also for hMail? Problem is that the name of the certs change while renew ...
_________________
DLzG
Micha |
|
| Back to top |
  |
 |
devastator82
-
Joined: 10 Mar 2006
Posts: 31
Location: Lithuania
|
|
| Back to top |
|
|
M*I*B
-
Joined: 05 Dec 2019
Posts: 33
Location: Germany
|
| Posted: Mon Mar 23, 2020 4:03 pm Post subject: |
|
|
... ty a lot. I will give it a try and will report the result here ...
_________________
DLzG
Micha |
|
| Back to top |
|
|
M*I*B
-
Joined: 05 Dec 2019
Posts: 33
Location: Germany
|
| Posted: Mon Mar 23, 2020 8:33 pm Post subject: |
|
|
... nope, that doesn't work ...
If I go this way ...
| Code: |
hMail- Server -> SSL-Certs -> (any name) ...
Certificate File = ...Abyss\kcstore\5e****a4.acme.crt
Private Key File = ...Abyss\kcstore\5e****eb.key
|
... I can't connect to the MX anymore :(
I think that hMail need another type of Cert or any other is wrong with it. But at the moment I don't know to fix that ...
BTW:
The files I use are a real domain (Master) and also the MX running on this domain. I also use a global key file for all domains in Abyss so I only have one single key file. Every domain create an own acme.crt and I use definately the right one ...
EDIT say:
I have now create CertFiles at SSL4FREE and that works well. So it's what I have in mind before: The Fileformat or anything else with that out of Abyss don't work with hMailserver this way...
_________________
DLzG
Micha |
|
| Back to top |
|
|
admin
Site Admin
Joined: 03 Mar 2002
Posts: 1286
|
| Posted: Tue Mar 24, 2020 2:45 pm Post subject: |
|
|
| M*I*B wrote: | ... nope, that doesn't work ...
If I go this way ...
| Code: |
hMail- Server -> SSL-Certs -> (any name) ...
Certificate File = ...Abyss\kcstore\5e****a4.acme.crt
Private Key File = ...Abyss\kcstore\5e****eb.key
|
|
The values for the parameters are not good at all. You are using the kcstore subdirectory which is "managed" by Abyss Web Server. This will cause a big mess in some situations.
Put there any other path on your hard drive in any directory (anything other than kcstore.)
Second seems to expect PEM certs and keys which are what Abyss Web Server outputs in these files. So there should be no problem.
Our recommendation is to not store the cert and key in kcstore but in another directory and correctly have hMailServer use these files. This should work fine.
_________________
Follow @abyssws on Twitter
Subscribe to our newsletter
_________________
Forum Administrator
Aprelium - https://aprelium.com |
|
| Back to top |
|
|
M*I*B
-
Joined: 05 Dec 2019
Posts: 33
Location: Germany
|
| Posted: Tue Mar 24, 2020 3:06 pm Post subject: |
|
|
... nope ...
the hMailServer don't touch the files; just read it.
I also have copy the two files in the hMail- folder and use it. That also don't work.
It makes no difference whether I integrate the two files directly from the kstore into hMail or their copies in the hMail directory.
With the files generated by ssl4free, however, it worked right away ... But that I have to repeat 4th a year... Not the problem to let generate this, but I have to enter the callange-code in every DNS- entry... that takes an hour every time with much possibility of errors...
That's why I'm try to use the files from Abyss resp. LE due automatic ...just for the reason of my actions...
So there must be a difference between both methodes / files ...
_________________
DLzG
Micha |
|
| Back to top |
|
|
devastator82
-
Joined: 10 Mar 2006
Posts: 31
Location: Lithuania
|
| Posted: Tue Mar 24, 2020 5:07 pm Post subject: |
|
|
| M*I*B wrote: | ... nope ...
the hMailServer don't touch the files; just read it.
I also have copy the two files in the hMail- folder and use it. That also don't work.
It makes no difference whether I integrate the two files directly from the kstore into hMail or their copies in the hMail directory.
With the files generated by ssl4free, however, it worked right away ... But that I have to repeat 4th a year... Not the problem to let generate this, but I have to enter the callange-code in every DNS- entry... that takes an hour every time with much possibility of errors...
That's why I'm try to use the files from Abyss resp. LE due automatic ...just for the reason of my actions...
So there must be a difference between both methodes / files ... |
I have done as Admin said, and works for me.
Edit:
I have deleted default crts to re-download, after i set new directory in abyss web server configuration. |
|
| Back to top |
|
|
M*I*B
-
Joined: 05 Dec 2019
Posts: 33
Location: Germany
|
| Posted: Tue Mar 24, 2020 5:12 pm Post subject: |
|
|
... hmmmm ... Why do that work at your side and not at my side?
I will do later a screenShot to prevent misunderstandings between us due my bad english...
_________________
DLzG
Micha |
|
| Back to top |
|
|
admin
Site Admin
Joined: 03 Mar 2002
Posts: 1286
|
| Posted: Wed Apr 01, 2020 6:16 pm Post subject: |
|
|
M*I*B,
Please get in touch with us using our support email address for a faster exchange. Send us your abyss.conf file for review and let us know how hMailServer is configured and if it reports errors (or its log if any.)
_________________
Follow @abyssws on Twitter
Subscribe to our newsletter
_________________
Forum Administrator
Aprelium - https://aprelium.com |
|
| Back to top |
|
|
M*I*B
-
Joined: 05 Dec 2019
Posts: 33
Location: Germany
|
| Posted: Sun Apr 05, 2020 9:40 pm Post subject: |
|
|
... that I will do next. Take a little time to recreate the config I have try without result ...
_________________
DLzG
Micha |
|
| Back to top |
|
|
|
@abyssws