| View previous topic :: View next topic |
| Author |
Message |
JMMotyer
-
Joined: 06 Jul 2005
Posts: 60
Location: Burlington (Toronto-ish), Ontario, Canada
|
 Posted: Tue Feb 08, 2022 4:50 pm Post subject: Will a Comodo Positive Multi-Domain SSL Certificate work? |
 |
|
Good day, folks.
I wish to purchase a Comodo Positive Multi-Domain SSL Certificate for my Abyss X2 sites.
Has anyone used this multi-domain type of certificate, and if not, does anyone know if it will work?
Thank you in advance & have yourselves a great day.
Regards & be safe,
John |
|
| Back to top |
   |
 |
admin
Site Admin
Joined: 03 Mar 2002
Posts: 1286
|
| Posted: Tue Feb 08, 2022 10:01 pm Post subject: Re: Will a Comodo Positive Multi-Domain SSL Certificate work |
|
|
JMMotyer,
They will work fine. But please note that when generating the CSR in Abyss Web Server, you will need to enter the list of domain names that should be associated iwth the certificate in the "Common Name" field with a space character separating consecutive names.
This is explained in the first note in https://aprelium.com/data/doc/2/abyssws-win-doc-html/ssl.html#CERTIFICATES-CSR .
Apart from that, the certificate request generation and declaration is similar to what is explained in our article https://aprelium.com/abyssws/articles/request-cert-ca.html .
By the way, do you know that Let's Encrypt issues free certificates associated with many domain names (similar in features to the Comodo offer)? These could be obtained for free and automatically with the ACME Bot in Abyss Web Server.
_________________
Follow @abyssws on Twitter
Subscribe to our newsletter
_________________
Forum Administrator
Aprelium - https://aprelium.com |
|
| Back to top |
|
|
JMMotyer
-
Joined: 06 Jul 2005
Posts: 60
Location: Burlington (Toronto-ish), Ontario, Canada
|
| Posted: Tue Feb 08, 2022 10:38 pm Post subject: |
|
|
Thanks for getting back to me.
| Quote: | | By the way, do you know that Let's Encrypt issues free certificates associated with many domain names (similar in features to the Comodo offer)? These could be obtained for free and automatically with the ACME Bot in Abyss Web Server. |
The only problem with that is, I would have to renew it every 90 days, whereas with a paid one, it would be only once a year.
| Quote: | | But please note that when generating the CSR in Abyss Web Server, you will need to enter the list of domain names that should be associated iwth the certificate in the "Common Name" field with a space character separating consecutive names. |
If I were to initially list only my current 5 or 6 X2 domains when generating the CSR, would I be able to regenerate a CSR if/when I were to add more domains to my X2, and would doing so screw me up at Comodo (or whomever I'm with)?
I will take a look now at the 2 links that you mention.
Thanks again for your reply.
[/quote] |
|
| Back to top |
|
|
JMMotyer
-
Joined: 06 Jul 2005
Posts: 60
Location: Burlington (Toronto-ish), Ontario, Canada
|
| Posted: Tue Feb 08, 2022 10:48 pm Post subject: |
|
|
| Quote: | | The only problem with that is, I would have to renew it every 90 days, whereas with a paid one, it would be only once a year. |
OK, I'm still reading the doc in your first link, and it appears that your Acme-Bot will handle the renewals every 90 days.
I have to think this through some more, as some of the certs that I wish to purchase will be used outside of X2 (example: www.domain1.com would be used in Abyss X2, but mail.domain1.com would be used on another device altogether, and ftp.domain1.com would be used on yet another device altogether. |
|
| Back to top |
|
|
JMMotyer
-
Joined: 06 Jul 2005
Posts: 60
Location: Burlington (Toronto-ish), Ontario, Canada
|
| Posted: Wed Feb 09, 2022 7:45 am Post subject: |
|
|
I followed the instructions, but I think I may have missed a step. I generated the CSR, but am I supposed to do something with that CSR? I never received any email from any authority,
These are my screens at present:
Note that the Certificate Store above is empty.
 |
|
| Back to top |
|
|
JMMotyer
-
Joined: 06 Jul 2005
Posts: 60
Location: Burlington (Toronto-ish), Ontario, Canada
|
| Posted: Thu Feb 10, 2022 9:03 pm Post subject: |
|
|
Anyone?
I'm stuck at getting Let's Encrypt to work. I have re-read the instructions numerous times, to see if I missed a step, but can't find where I went wrong.
Am I supposed to receive an email from Let's Encrypt, with files that I need to add into Abyss?
I generated the CSR, but I have no idea what I'm supposed to do with that CSR, so at this time the Certificate Store in Abyss is empty.
Any help would be greatly appreciated, and thank you in advance.
Regards & be safe,
John |
|
| Back to top |
|
|
tfh
-
Joined: 03 May 2020
Posts: 112
Location: Netherlands
|
| Posted: Thu Feb 10, 2022 9:18 pm Post subject: |
|
|
Looking at the above, I would say that the 3 certificates are downloaded and working. When trying to visit your server it seems that it's not responding ar port 443. Have you forwarded those in your firewall / router?
My sites mentioned in my signature run on Abyss X2 with SSL certificates from Let's Encrypt. It works great. One-time setup and the bot automaticly renews the certificates one month up front.
_________________
https://www.arnauddeklerk.com
https://www.file-hunter.com |
|
| Back to top |
|
|
admin
Site Admin
Joined: 03 Mar 2002
Posts: 1286
|
|
| Back to top |
|
|
admin
Site Admin
Joined: 03 Mar 2002
Posts: 1286
|
| Posted: Thu Feb 10, 2022 9:49 pm Post subject: |
|
|
| JMMotyer wrote: | Anyone?
John |
The third screenshot shows that the certificates are already provisioned and reports that they will be automatically renewed on April 9th (1 month before their expiry). So everything is good and running fine.
Haven't you tested accessing them using HTTPS? We did and they show the certs are from Let's Encrypt and valid until May 10.
_________________
Follow @abyssws on Twitter
Subscribe to our newsletter
_________________
Forum Administrator
Aprelium - https://aprelium.com |
|
| Back to top |
|
|
JMMotyer
-
Joined: 06 Jul 2005
Posts: 60
Location: Burlington (Toronto-ish), Ontario, Canada
|
| Posted: Fri Feb 11, 2022 9:07 am Post subject: |
|
|
I can't believe how stupid I was, and deeply embarrassed.
It turns out that I ad neglected to port-forward 443 in my ISP's modem :-).
All is good now, and working perfectly. I even found a post on how to redirect all traffic to HTTPS.
Thanks, everyone, for guiding me through this process.
Have a great day, and be safe.
John |
|
| Back to top |
|
|
tfh
-
Joined: 03 May 2020
Posts: 112
Location: Netherlands
|
| Posted: Fri Feb 11, 2022 9:36 am Post subject: |
|
|
| JMMotyer wrote: | I can't believe how stupid I was, and deeply embarrassed.
It turns out that I ad neglected to port-forward 443 in my ISP's modem :-).
All is good now, and working perfectly. I even found a post on how to redirect all traffic to HTTPS.
Thanks, everyone, for guiding me through this process.
Have a great day, and be safe.
John |
No need to appologize. We're just glad it works now!
_________________
https://www.arnauddeklerk.com
https://www.file-hunter.com |
|
| Back to top |
|
|
|
@abyssws