Mailinglist Archive: opensuse (982 mails)

< Previous Next >
Re: [opensuse] When connecting to my own dovecot server, Alpine complains that it is using self-signed certificates.
  • From: Per Jessen <per@xxxxxxxxxxxx>
  • Date: Tue, 02 Sep 2014 08:05:23 +0200
  • Message-id: <lu3n9c$tv1$1@saturn.local.net>
Carlos E. R. wrote:

On 2014-09-01 19:38, Per Jessen wrote:
Carlos E. R. wrote:

What I need now is to create a "Certificate Signing Request" from
the already existing dovecot server certificate, or create a new
dovecot certificate together with the corresponding CSR.

I go thru that everytime I install a new HP server. The certificate
is issued by a card on the server (ILO card). I then sign it:

openssl ca -policy policy_anything -days 3650 -in server-ilo.csr -out
server-ilo.crt


Not that.

Apparently I have to do something like this:

openssl req -new -keyout server.key -out server.csr

But that creates the key anew. I would have to find a concoction that
given the existing server.key generates the server.csr. I need to
produce the server.csr. I don't have it. What I have is
/etc/ssl/dovecot.pem and /etc/ssl/private/dovecot.pem.

I don't see the problem in re-issuing the certificate/key? Anyway, I'm
definitely not an expert.

Maybe try this:

http://www.tldp.org/HOWTO/SSL-Certificates-HOWTO/x195.html

See "2.5.3. Renew a certificate".


I have found the documentation in paper for SLES, though. Expensive
paper.

Huh? You probably don't need to buy SLES just to use the
documentation :-)

No, I mean that it is documented on paper by third parties... not that
you have to buy SLES to run it. The code is apparently the same on
openSUSE, just that this YaST functionality is not explained on the
available free documentation, perhaps on purpose.

You can see some pages of it in the link I posted, the book is good.
Some pages are missing, intentionally.

Aha, I thought it was some of the SUSE documentation (which I think is
all freely downloadable).


--
Per Jessen, Zürich (12.9°C)
http://www.dns24.ch/ - free dynamic DNS, made in Switzerland.

--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >