Aren't all domains in one certificate: key.pem, chain.pem, and
fullchain.pem ?
Do you have these in each apache domain conf file
SSLCertificateFile /etc/letsencrypt/live/'all domain'/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/'all domains'/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/'all
domains'/fullchain.pem
On 10/20/2024 9:42 AM, Tony White wrote:
Hi Eric,
True, certbot does test against the server to verify the
cert is being given to the correct place. All of the domains
are valid and served from the same server as QMT. So that is
not, I think, the issue. If you test every site using openssl
they all return valid certificate data. Yet web browsers using
either squirrelmail or roundcube fail with the single exception
of the primary domain.
Yay! Found out the reason just now....
Every domain must have it own http configuration. That solved that.
Eric, How do I add individual domains ssl certs to QMT?
regards
Tony White
On 21/10/24 01:28, Eric Broch wrote:
I believe, if I understand certbot documentation, that you must prove
ownership of the domains through DNS settings. I've failed to find
any good examples on this.
On 10/20/2024 7:41 AM, Tony White wrote:
Hi Folks,
I have an SSL certificate issued by Lets Encrypt with 15
domains in it. 1 primary and the rest are Aliased.
My issue is that the ServerName works perfectly every time.
However none of the ServerAlias do. They all pop up as "Not Secure".
Yet using openssl they all appear valid with valid date, issuer etc.
Should I do this some other way? Or is my configuration invalid?
TIA :)
--
regards
Tony White
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
