COPY 60fe102036719acd.crt to
surgemail\ssl\surge_cert.pem
copy gdig2_bundle.crt to
surgemail\ssl\surge_chain.pem
Or if not running the latest build,
then append the bundle file to the first file (order counts, the
certificate goes first, bundle second), and copy that to
surge_cert.pem (or upload/paste it)
If pasting the files together, be sure
not to loose line endings, if the lines are not all even length
and clear to read like this:
-----BEGIN CERTIFICATE-----
MIIC0DCCAbigAwIBAwIEnehggDANBgkqhkiG9w0BAQsFADAqMRcwFQYDVQQDDA5u
ZXR3aW5zaXRlLmNvbTEPMA0GA1UECgwGbmV0d2luMB4XDTE3MDEyMjAwNTA1MloX
DTI3MDEyMjAwNTA1MlowKjEXMBUGA1UEAwwObmV0d2luc2l0ZS5jb20xDzANBgNV
.....
Then the file line endings are
probably messed up, use unix2dos or dos2unix or an editor that
can cope with both formats (notepad++ rather than notepad)
ChrisP.
On 24/01/2017 3:19 p.m., Randy Zumwalde
wrote:
I got the signed certificate back but I'm not sure which I should
paste into the SSL Certificate(s) box.
One file I received from godaddy is gdig2_bundle.crt and the other
is 60fe102036719acd.crt
One file has 1 set of -----BEGIN CERTIFICATE----- -----END
CERTIFICATE-----
and the other has 2 sets of -----BEGIN CERTIFICATE----- -----END
CERTIFICATE-----
I'm not sure which I should use.
On 1/23/17 7:37 PM, Eric Vey wrote:
Chris,
We need better
documentation for SSL certificate handling. The
documentation for self issued certificates is fine, but
things need to be made easier when using Let's Encrypt and
other certificate issuers. We are being told that unless
we encrypt end-to-end we are bad. Teach us how to do it
right.
Eric Vey
On January 23, 2017 7:28:52
PM surgemail-support <surgemail-support@netwinsite.com>
wrote:
First, apologies, and thanks for bringing this to my
attention, after some tests I've realized it's doing
exactly what you describe (which it shouldn't be).
We will fix in the next build.
Anyway, to recreate the private file just restart
surgemail, that will recreate it, then click on the
create csr button then show csr button.
This will currently replace your existing public key
too (incorrectly). But as soon as you get the signed
certificate back it will stop client errors.
ChrisP.
On 24/01/2017 12:12 p.m.,
Randy Zumwalde wrote:
How do I recreate the priv file. Do I do this within
SurgeMail.
Sorry I have a hard time figuring this out.
The server got messed up just by me clicking on the New
CSR button from the SurgeMail web admin and none of my
users were able to get mail cause it said the
certificate was not trusted. I didn't do anything to the
self-signed certificate. I was only trying to generate a
CSR to send to GoDaddy
On 1/19/17 2:53 PM,
surgemail-support wrote:
re: 2048 bit csr.
The old private key is not replaced if it already
exists, so to force it to create a 2048 bit key delete
your existing surge_priv.pem file first then recreate
the priv file and csr
ChrisP
