Server :: Use Two SSL Certificates On The Same Server?
Oct 7, 2010
I have one physical dedicated server. The name of the server is 'mail.iamghost.tld' which is obviously my Postfix mail server for my users. Now I generated SSL self signed certificates with 'OpenSSL' which is for 'mail.iamghost.tld'. I also have Apache installed on the same server to access my webmail application. I created a pointer record for 'url' to point to the same static I.P. as 'mail.iamghost.tld'. So my question is if I also want to encrypt site login's for url, do I need to generate a unique SSL certificate for 'url' or can I use my existing SSL certificates that are assigned to 'mail.iamghost.tld'? It's the same server but when people browse to my 'url' site, I don't want there to be an issue with the certificates saying it's for 'mail.iamghost.tld' when they're really communicating with 'url'.
View 5 Replies
ADVERTISEMENT
Aug 24, 2010
I run a web server on Fedora 12, principally using Apache, MySQL, and PHP. I host a variety of sites, one of which is a family website that contains semi-sensitive personal data for several hundred extended family members, who all have access to the database-driven site.
Until now, I have been using a self-signed SSL certificate to encrypt the data as it is read and written back and forth from my database. Family members have simply had to put up with clicking past certificate warnings as they enter the site, as most browsers flag self-signed certificates as bad. It hasn't really been that much of a bother, but I'd love to do it more professionally. I have looked into buying SSL certificates, but it's a site I host for free and would rather find a cheap or free alternative if possible.
So I'm just fishing for ideas to work with. What are some alternatives to using SSL certificates for moderately strong website encryption? So far, I run only one host on the domain, but may eventually need encryption that would support multiple hosts. Or does anybody know a way to make self-signed certificates work on most popular browsers without being flagged as suspicious?
View 7 Replies
View Related
Apr 19, 2011
I've installed PostgreSQL on Arch Linux & also self generated self signed certificates in /etc/ssl/ directory. My PostgreSQL 'data' directory is /var/lib/postgres/data & I've edited my postgresql.conf file to use SSL however I'm having permission / access problems starting my database using SSL. It can't access the certificates and errors out when I try and start the database engine:
Code:
LOG: autovacuum launcher shutting down
LOG: shutting down
LOG: database system is shut down
FATAL: could not load server certificate file "server.crt": No such file or directory
code....
I don't know what I need to chown or chmod in order to get PostgreSQL to access my self signed certificates.
View 3 Replies
View Related
Apr 4, 2010
I'm trying to set up a 2nd SSL cert on a different domain on a server, each domain has its own IP address, the problem is the Web developer that configured the first domain specified ssl keys for the primary domain in both the vhost config in httpd.conf AND in the ssl.conf config files. If I attempt to remove the keys form ssl.conf the server will not start up. and with them there It will not start up if I specify keys for the secondary domain.
ssl.conf
Code:
LoadModule ssl_module modules/mod_ssl.so
SSLCertificateFile /etc/pki/tls/certs/primary.com.crt
SSLCertificateKeyFile /etc/pki/tls/certs/primary.com.key
SSLCertificateChainFile /etc/pki/tls/certs/primary_gd_bundle.crt
View 14 Replies
View Related
Jan 6, 2011
I have installed Ionix vCM onto a Red Hat Linux box. It correctly communicates with the collection server if I use the Ionix certificate. However, if I use a self-generate certificate, communication fails.
(1) How do I determine which PKI certificates are resident on the Red Hat box?
(2) How do I manually install a PKI certificate?
View 2 Replies
View Related
Jun 28, 2009
I have vsftpd running as FTP server on Ubuntu 9.04 jaunty. Login works correctly with password for local users (those with an login account on the server) and without password for anonymous.
I want to further tighten security by requiring local users to provide a client certificate. But even if I include "require_cert=YES" and "validate_cert=YES" in etc/vsftpd.conf, clients without certificate are allowed to login; require_cert seems to be simply ignored.
View 1 Replies
View Related
Jan 9, 2011
I run couple of sites on a virtual hosting environment and I am in need of adding additional SSL for a different domain name. From what I read on some forum topics indicate that SSL cert requires different IP address. meaning one cert for each IP. Is this true? If so, then I'm having some difficulties understanding the benefits of running virtual host if a server can't host multiple secured site through single IP. Any way to run multiple ssl site within virtual host environment. I'm hoping for a possible workaround.
View 3 Replies
View Related
Jul 26, 2009
I am having problems creating ssl certificates for use with openLDAP. Does anyone know a good centos tutorial as I am having problems finding ones by searching through google and the forums.
To clarify further I have a small network im trying to setup to use ldap for auth due to the size I figured using kerberos for auth would be a bit overkill.....
I have the server up and running fine however at the moment all auth is done by using clear text (which is fine as the network has no connection to the internet at current) however in the future it will so I am trying to use ssl however I am having confusing as which certificates I point to where in the slapd.conf file
View 2 Replies
View Related
Sep 17, 2010
i have a quick question about using plesk on centos 5.x server and installation of ssl certificates. if anyone out there has expertise with above,
View 1 Replies
View Related
Sep 11, 2010
My sendmail server makes use of the TLS_SRV_OPTIONS which is set to `V' meaning it shouldn't verify certificates. As a server, it doesn't and the {verify} macro shows "NOT" in the logs, showing that no certificate request was sent out.
Acting as a client though, and I'm talking both about the server acting as a client towards other mail servers and about the local mail submission agent, it always verifies certificates. My mail submission agent when contacting my own mail server verifies the mail servers' certificate and still, the mail server has not initiated any exchanging of certificates since it still says "verify=NOT" in the logs (whereas the same entry for the submission agent reads OK or FAIL depending on what I use).
So, does mail servers ALWAYS send out its certificates and when they do, the "client" in question (no matter if it's the mail server acting as client or the mail submission agent) validates it because the TLS_SRV_OPTIONS setting just applies to when it's running as a server, or is there a setting to tell Sendmail not to send out certificates since you're not in the business of certificate verification relaying anyways?
View 1 Replies
View Related
Jan 5, 2010
I've recently been asked to setup our FTP server to accept connections from a remote host. They sent me a file "id_dsa.pub" with instructions to add this key to the xfer user.
Unfortunately I've no idea how to do this!
I'm running vsftpd 2.0.5 on Centos 5.3
View 4 Replies
View Related
Feb 17, 2010
I have a Server with Webmin, Usermin and Sendmail using pop3s. I have created a seft signed certificate using webmin. Exported it and imported it to the trusted root certification authorities on my client. This fixes the warning message from internet explorer when attempting making a ssl connection to webmin. When attempting to use usermin or retrieving mail I get that warning that this site's certificate is self signed. I look at the certificate and its not the same as the one I created with webmin. My question is. Is possible to have the same certificate be used by each?
View 6 Replies
View Related
Jan 17, 2009
i am using red hat5 n i want to create X.509 certificates for ipsec vpn help me in creating certificates, not able 2 create certificates guide me ehere is the location for certificates.
View 1 Replies
View Related
Apr 2, 2010
I have installed a linux server in my office to run 16 machines. Its main use will be a internal mail server but will be also running websites.
I have installed Ubuntu 9.10 server x64 and have got apache running.
I am looking for the simplest more robust solution for smtp, pop3 and imap. I have only ever used qmail before and found it a pain to configure and its getting old so I though I should probably try something new. I have not much experience with running pop3 or imap on linux so would love a suggestion on that.
View 4 Replies
View Related
Sep 29, 2010
have to create a webhost on an running fedora server which runs multiple webpages + a coldfusion serveri have to add an coldfusion virtual host to these.what i would do:*crate a new user & group*enter vhosts.conf and copy an existing host and modify it for the new one.*create an new folder and copy the main files (phpstarter and webroot) *chown the files for the right useri think an apache graceful would be needet
View 1 Replies
View Related
May 5, 2011
Right now i have a HP DL 180 Server with 130 Gb Hard Disk & 8 Gb ram after Raiding0+1. i want to configure Domain Controller Server for my office for 200 to 300 Users. what should the partition size must be mentioned in my 130 Gb Hard Disk, is that going to be Sufficient for ME ?
i am bit confused about /Usr /Var /Boot partitions, as i need to manage perfectly in 130 GB
if i go with 4 Gb swap and remaining for " / " is that will be fine ? should i need to specify partition sizes separately for / tmp /var / usr ..
View 3 Replies
View Related
Apr 21, 2011
I'm running a linux cloud server with the following config
1.2ghz Processor allocation
752MB Ram
The site loads slow and clicking a link almost freezes the page for a second. Also, the page loads could be much faster. We've been running mysqltuner and have pretty much optimized all slow queries. Is there anything we can do to fine tune the server for faster and more responsive?
Httpd.conf
Timeout 20
KeepAlive Off
MaxKeepAliveRequests 100
KeepAliveTimeout 5
<IfModule prefork.c>
code....
View 2 Replies
View Related
Jun 21, 2011
iam trying to sync file server data into backup server machine by command- rsync -avu path/of/data ipaddress-of-backup-server:/path/where/to/save after running it ask for root password and manually it is successful.but i want to make it automatic.for that i also tried cronjob and also generated authentication key but iam not successful in login automatically..anybody know how to authenticate root to login for storing data in backup server.
View 14 Replies
View Related
Jan 25, 2011
I will be relocating to a permanent residence sometime in the next year or two. I've recently begun thinking about the best way to implement a home-based network. It occurred to me that the most elegant solution might be the use of VM technology to eliminate as much hardware and wiring as possible.My thinking is this: Install a multi-core system and configure it to run several VMs, one each for a firewall, a caching proxy server, a mail server, a web server. Additionally, I would like to run 2-4 VMs as remote (RDP)workstations, using diskless workstations to boot the VMs over powerline ethernet.The latest powerline technology (available later this year) will allow multiple devices on a residential circuit operating at near gigabit speed, just like legacy wired networks.
In theory, the above would allow me to consolidate everything but the disklessworkstations on a single server and eliminate all wired (and wireless) connections except the broadband connection to the Internet and the cabling to the nearest power outlets. It appears technically possible, but I'm not sure about the various virtual connections among VMs. In theory, each VM should be able to communicate with the other as if it was on the same network via the server data bus, but what about setting up firewall zones? Any internal I/O bandwidth bottlenecks? Any other potential "gotchas", caveats, issues? (Other than the obvious requirement of having enough CPU and RAM).Any thoughts or observations welcome, especially if they are from real world experience in a VM environment. BTW--in case you're wondering why I'm posting here, it's because I run Debian on all my workstations/servers (running VirtualBox as a VM for Windows XP on one workstation).
View 14 Replies
View Related
Feb 16, 2010
I have got a running mail server on CentOS5.4 Final using Zimbra free edition. . Assume that domain is organization.com.local And it is running fine with users created and bugzilla running on the same machine can send mails using this server. But it can obviously send messages to the internal users. There is this option to configure it to use external mail server to send mails outside the network but my external smtp server needs an authentication.Is it possible to configure it this way to use my external server to send mails from internal domain to say gmail?
View 15 Replies
View Related
Jan 6, 2011
i recently installed apache2 mysql php exc. to run a realtime stat site for my servers.the only thing is that the buttons/ images are not showing up.i checked that my GD was up to date and installed perl5 GD. dont know what else to check.my site with problems go to:http://24.20.177.228/stats_public
View 2 Replies
View Related
May 24, 2010
I am working on linux server with below specifications.Linux EDT 2008 i686 i686 i386 GNU/LinuxWhile checking the status of the server using the command 'opmnctl status' and when server is down the output is not getting redirected to file.I m using the command as,opmnctl status > abc.txt.
View 2 Replies
View Related
Jan 8, 2011
i have been trying to complete the following project1) Configure a FTP server where we can upload and download files.........2) server must run at 9 pm & stop at 9 am automatically ............although the first task was easy ,i have no idea how to accomplish the 2nd task(not to mention I'm a new user)
View 5 Replies
View Related
Aug 21, 2010
I've two internet based server ( xx.xx.xx.xx and yy.yy.yy.yy ) The Y server is running VNC server and is responsible for answering to VNC sessions. But I need to hide the IP of Y server so I want X server to be as VNC Proxy and redirect all VNC sessions to Y server.
I guess the best way is to use iptables but actually I can't get it working so
View 4 Replies
View Related
Feb 7, 2011
I'm trying to setup RAID 1 on a CentOS 5 server for a zimbra email server.I get a partion schema error. Can I do this?The server is a HP Proliant ML150 G3 server with two 80GB HDD.
View 1 Replies
View Related
May 18, 2010
Im new in linux i want to configure my redhat machine as both router and transparent proxy!
View 1 Replies
View Related
Jan 9, 2011
uslookup command is giving me an error.otherwise dns is working ok.when i try to look for server from client using.
Code:
I got the following error :-
Code:
But
Quote:
Is working fine.
I think there should be problem in reverse zone file so i am posting my reverse zone file.
Code:
What is meaning of this error?
View 14 Replies
View Related
May 29, 2011
i am trying to send malformed string into ability ftp server in order to have some unexpected crashes. i login in into the ability ftp server on my window 7.On my virtual machine,i am working on a backtrack 4, i tried to send some string to have some unexpected crashes, but i couldn't success.here is the code:
PHP Code:
#!/usr/bin/python
import socket
[code]...
View 14 Replies
View Related
Jun 15, 2011
I have installed the Apache, PHP and MYSQL in the rackspace cloud server environment. Can anyone please guide me How can I configure email server in that with postfix or some other with multiple domain.
View 3 Replies
View Related
Aug 17, 2011
how do i able to allow some users that are able to create content in directory of http server. For example: i have configured a web server which have default document root /var/www/html, now i want to extend my web server through virtual hosting , i have enable virtual hosting, but i want that user sumit is able to create content in /var/www/html/secret. which is the document root for my virtual site?
View 5 Replies
View Related
