[CentOS] Ignorant question on SSL certs
Jason Pyeron
jpyeron at pdinc.us
Tue Mar 3 15:28:59 UTC 2015
> -----Original Message-----
> From: Timothy Murphy
> Sent: Tuesday, March 03, 2015 10:13
>
> Jason Pyeron wrote:
>
> >> I'm getting endless complaints about my dovecot cert,
> >
> > Exact message please?
>
> The certificate does not apply to the given host
So lets deal with this first.
What is the hostname?
What is the subject of the certificate [hint, I asked for the cert to be posted last time]?
> The certificate is not signed by any trusted certificate authority
We will address this after we get more data on the problem.
>
> >> Do I really have to use a separate cert and key for dovecot?
> >> Can I not use the "standard" cert in /etc/pki/tls/certs (and key)
> >> from CACert.org ?
> >
> > Post the certificate only, not the private key.
Like this: openssl x509 < /etc/pki/dovecot/certs/dovecot.pem
>
> I've looked at the cert and key and they look ok for what they are,
> a self-signed certificate and key, as created (years ago)
> following the instructions in the dovecot installation instructions.
>
> I'm really just asking if I cannot just use what I take to be
> the standard openssl certificate and key in /etc/pki/tls/
> Do I really have to create up a special cert for dovecot?
It depends on what you mean by special and was it done properly the first time.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron PD Inc. http://www.pdinc.us -
- Principal Consultant 10 West 24th Street #100 -
- +1 (443) 269-1555 x333 Baltimore, Maryland 21218 -
- -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This message is copyright PD Inc, subject to license 20080407P00.
More information about the CentOS
mailing list