COPY 60fe102036719acd.crt to
surgemail\ssl\surge_cert.pem
copy gdig2_bundle.crt to
surgemail\ssl\surge_chain.pem
Or if not
running the latest build, then append the bundle file to the
first file (order counts, the certificate goes first, bundle
second), and copy that to surge_cert.pem (or upload/paste it)
If
pasting the files together, be sure not to loose line endings,
if the lines are not all even length and clear to read like
this:
-----BEGIN CERTIFICATE-----
MIIC0DCCAbigAwIBAwIEnehggDANBgkqhkiG9w0BAQsFADAqMRcwFQYDVQQDDA5u
ZXR3aW5zaXRlLmNvbTEPMA0GA1UECgwGbmV0d2luMB4XDTE3MDEyMjAwNTA1MloX
DTI3MDEyMjAwNTA1MlowKjEXMBUGA1UEAwwObmV0d2luc2l0ZS5jb20xDzANBgNV
.....
Then the
file line endings are probably messed up, use unix2dos or
dos2unix or an editor that can cope with both formats
(notepad++ rather than notepad)
ChrisP.
On 24/01/2017 3:19 p.m., Randy
Zumwalde wrote:
I got the signed certificate back but I'm not sure which I
should paste into the SSL Certificate(s) box.
One file I received from godaddy is gdig2_bundle.crt and the
other is 60fe102036719acd.crt
One file has 1 set of -----BEGIN CERTIFICATE----- -----END
CERTIFICATE-----
and the other has 2 sets of -----BEGIN CERTIFICATE----- -----END
CERTIFICATE-----
I'm not sure which I should use.
On 1/23/17 7:37 PM, Eric Vey wrote:
Chris,
We need better
documentation for SSL certificate handling. The
documentation for self issued certificates is fine, but
things need to be made easier when using Let's Encrypt
and other certificate issuers. We are being told that
unless we encrypt end-to-end we are bad. Teach us how to
do it right.
Eric Vey
On January 23, 2017
7:28:52 PM surgemail-support <surgemail-support@netwinsite.com>
wrote:
First, apologies, and thanks for bringing this to my
attention, after some tests I've realized it's doing
exactly what you describe (which it shouldn't be).
We will fix in the next build.
Anyway, to recreate the private file just restart
surgemail, that will recreate it, then click on the
create csr button then show csr button.
This will currently replace your existing public key
too (incorrectly). But as soon as you get the signed
certificate back it will stop client errors.
ChrisP.
On 24/01/2017 12:12 p.m.,
Randy Zumwalde wrote:
How do I recreate the priv file. Do I do this within
SurgeMail.
Sorry I have a hard time figuring this out.
The server got messed up just by me clicking on the
New CSR button from the SurgeMail web admin and none
of my users were able to get mail cause it said the
certificate was not trusted. I didn't do anything to
the self-signed certificate. I was only trying to
generate a CSR to send to GoDaddy
On 1/19/17 2:53 PM,
surgemail-support wrote:
re: 2048 bit csr.
The old private key is not replaced if it already
exists, so to force it to create a 2048 bit key
delete your existing surge_priv.pem file first then
recreate the priv file and csr
ChrisP
