Creating an SSL cert for virtual domains?

Whether you are using Linux on the desktop or as a server, it's still good that you're using Linux. Linux related questions go here.

Moderator: General Moderators

Post Reply
User avatar
Kieran Huggins
DevNet Master
Posts: 3635
Joined: Wed Dec 06, 2006 4:14 pm
Location: Toronto, Canada
Contact:

Creating an SSL cert for virtual domains?

Post by Kieran Huggins »

I'm a little stumped here, I followed a guide to set up an Ubuntu Dapper slice that included support for virtual domains for Courier IMAP over SSL, and everything is working nicely... sortof.

Unfortunately, t-bird keeps complaining that the SSL certificate is signed for "localhost", and not for any of the virtual domains I'm connecting to. It still works, but the error is exceptionally annoying.

Anyone here know how to create an openSSL cert that's signed for a domain?
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: Creating an SSL cert for virtual domains?

Post by Christopher »

Have you gone through the steps of creating a KEY and CSR with the domain information in it?
(#10850)
User avatar
Jenk
DevNet Master
Posts: 3587
Joined: Mon Sep 19, 2005 6:24 am
Location: London

Re: Creating an SSL cert for virtual domains?

Post by Jenk »

As above, you have to create a key per domain.
User avatar
Kieran Huggins
DevNet Master
Posts: 3635
Joined: Wed Dec 06, 2006 4:14 pm
Location: Toronto, Canada
Contact:

Re: Creating an SSL cert for virtual domains?

Post by Kieran Huggins »

I ran the following (from the guide):

Code: Select all

openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 365 -x509
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: Creating an SSL cert for virtual domains?

Post by Christopher »

It asks a bunch of questions when you create a CSR from a KEY, what did you tell it?
(#10850)
User avatar
Kieran Huggins
DevNet Master
Posts: 3635
Joined: Wed Dec 06, 2006 4:14 pm
Location: Toronto, Canada
Contact:

Re: Creating an SSL cert for virtual domains?

Post by Kieran Huggins »

Code: Select all

Country Name (2 letter code) [AU]: CA
State or Province Name (full name) [Some-State]: Ontario
Locality Name (eg, city) []: Toronto
Organization Name (eg, company) [Internet Widgits Pty Ltd]: <Company Name>
Organizational Unit Name (eg, section) []: <blank>
Common Name (eg, YOUR name) []: Kieran Huggins
Email Address []: <email address>
another question would be: can I create SSL certs for multiple domains like this? Are they cumulative?
bertfour
Forum Commoner
Posts: 45
Joined: Fri Mar 07, 2008 7:33 am

Re: Creating an SSL cert for virtual domains?

Post by bertfour »

AFAIK you can only use ONE certificate per IP address....
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: Creating an SSL cert for virtual domains?

Post by Christopher »

Kieran Huggins wrote:another question would be: can I create SSL certs for multiple domains like this? Are they cumulative?
Somewhere you tell it what your domain name is? Did you do that. You create certificates by domain name.
(#10850)
Post Reply