SurgeMail Archive: Re: [SurgeMail List] SSL Help

Subject:	Re: [SurgeMail List] SSL Help
From:	surgemail-support
Date:	24-Jan-2017
There's a page here on using letsencrypt, and with recent builds it's fairly easy: http://netwinsite.com/surgemail/help/letsencrypt.htm And I've added more buttons to the page for generating the CSR to make it easy to recreate the private or public keys if wanted (but it won't by default). Also the server now allows the chain certificates to be placed in surge_chain.pem rather than appended to the public key file. The docs on the ssl config page have also been updated and also reference LetsEncrypt docs now too. ChrisP. On 24/01/2017 1:37 p.m., surgemail-list@netwinsite.com wrote: Chris, We need better documentation for SSL certificate handling. The documentation for self issued certificates is fine, but things need to be made easier when using Let's Encrypt and other certificate issuers. We are being told that unless we encrypt end-to-end we are bad. Teach us how to do it right. Eric Vey On January 23, 2017 7:28:52 PM surgemail-support <surgemail-support@netwinsite.com> wrote: First, apologies, and thanks for bringing this to my attention, after some tests I've realized it's doing exactly what you describe (which it shouldn't be). We will fix in the next build. Anyway, to recreate the private file just restart surgemail, that will recreate it, then click on the create csr button then show csr button. This will currently replace your existing public key too (incorrectly). But as soon as you get the signed certificate back it will stop client errors. ChrisP. On 24/01/2017 12:12 p.m., Randy Zumwalde wrote: How do I recreate the priv file. Do I do this within SurgeMail. Sorry I have a hard time figuring this out. The server got messed up just by me clicking on the New CSR button from the SurgeMail web admin and none of my users were able to get mail cause it said the certificate was not trusted. I didn't do anything to the self-signed certificate. I was only trying to generate a CSR to send to GoDaddy Randy Zumwalde • Tel: 513.651.1888 The John K. Howe Company, Inc. 7188 Main Street \| Cincinnati, OH 45244 Be sure to visit us online at http://www.ehowe.com Like us on Facebook at https://www.facebook.com/howemarketing Looking for product ideas? visit http://ehowe.mypromohq.com On 1/19/17 2:53 PM, surgemail-support wrote: re: 2048 bit csr. The old private key is not replaced if it already exists, so to force it to create a 2048 bit key delete your existing surge_priv.pem file first then recreate the priv file and csr ChrisP

Last Message | Next Message


Search website: