On 4/18/2014 6:52 PM, li...@rhsoft.net <li...@rhsoft.net> wrote:
cat whatever-filename.crt your-private.key intermediate-a.crt > your.pem
you are done, use that for*whatever* sevrer-software (httpd, postfix, ATS,
dovecot....)
as key and or certificate file
Apparently not, if the certs you get are from RapidSSL...
I cat'd the two files together exactly as Victor described and for some
reason (as Victor pointed out), the intermediate cert I got from
rapidssl had the contents in the wrong order.
I had to manually swap the two keys in the intermediate cert before the
cat command resulted in a correct chained cert.
Apparently their certs are generated specially for web servers? All I
know is, in their order form, they specifically ask exactly what web
server you are running, and what version of SSL, prior to generating the
certs. There is no choice for smtp server, and they have no docs for
installing their certs with postfix (and their docs for dovecot are wrong).
Anyway, this should be fixed up now, everything seems to be working well
except for the few users who apparently are still talking to the old
hostname (hoping Victor will confirm this when he has time, then I'll
post a final SOLVED with what I had to do to get RapidSSL certs working
with postfix (and dovecot).
--
Best regards,
Charles
