What kind of SSL
-
johanvdwijk
- Posts: 3
- Joined: Wed Nov 16, 2016 2:27 pm
What kind of SSL
Hi,
I am using VestaCP only as mailserver, but since the server doenst have a SSL installed at the moment, i receive errors: The certificate of your incoming server is not signed.
Ofcourse this is a problem with clients, so i would like to install a SSL certificatie to stop this from happening.
I've seen a SSL certificates to install, only will this stop the error when Outlook is trying to connect to the server?
Is it right that if i want to stop that from happening i'll have to add the SSL through -> Web -> Domain (server domain) -> SSL?
Hope someone can help out :)
I am using VestaCP only as mailserver, but since the server doenst have a SSL installed at the moment, i receive errors: The certificate of your incoming server is not signed.
Ofcourse this is a problem with clients, so i would like to install a SSL certificatie to stop this from happening.
I've seen a SSL certificates to install, only will this stop the error when Outlook is trying to connect to the server?
Is it right that if i want to stop that from happening i'll have to add the SSL through -> Web -> Domain (server domain) -> SSL?
Hope someone can help out :)
Re: What kind of SSL
What do you mean clients?
Are these people who will have their own domain or are you selling people e-mail on a common domain?
If the goal is just to make the self-signed certificate warning go away then any SSL will do. I'd generally recommend buying it from SSLS.com and just get the cheap $5 a year one.
If you are going to have different domains -- [email protected] and [email protected] then that can't be accomplished with just a generic SSL -- every domain will need an SSL or you could look at more expensive options that allow for multi-domains.
You also have the option of just not using TLS for e-mail. In my experience most people are not using encrypted e-mail. They probably should be but most don't.
Are these people who will have their own domain or are you selling people e-mail on a common domain?
If the goal is just to make the self-signed certificate warning go away then any SSL will do. I'd generally recommend buying it from SSLS.com and just get the cheap $5 a year one.
If you are going to have different domains -- [email protected] and [email protected] then that can't be accomplished with just a generic SSL -- every domain will need an SSL or you could look at more expensive options that allow for multi-domains.
You also have the option of just not using TLS for e-mail. In my experience most people are not using encrypted e-mail. They probably should be but most don't.
-
johanvdwijk
- Posts: 3
- Joined: Wed Nov 16, 2016 2:27 pm
Re: What kind of SSL
Alright, i just installed a SSL cert on my server.
Now when i go to the URL/website it's fine. But when i go to the vestacp port, it's going wrong again..
Now when i go to the URL/website it's fine. But when i go to the vestacp port, it's going wrong again..
Re: What kind of SSL
You need to copy the certs that you installed to replace the self-signed certs in /usr/local/vesta/ssl then restart the Vesta service.
I had the same issue a few days ago -- see here for topic viewtopic.php?f=10&t=13076
Basically I started by going to /usr/local/vesta/ssl and renaming the current certs -- just add .backup -- this isn't actually necessary but just in case you need them
I then went to where the purchased certs are stored /home/admin/conf/web -- change admin to a different user if your not using the admin user.
copy the .crt and .key file to /usr/local/vesta/ssl
rename them certificate.crt and certificate.key
restart vesta
I had the same issue a few days ago -- see here for topic viewtopic.php?f=10&t=13076
Basically I started by going to /usr/local/vesta/ssl and renaming the current certs -- just add .backup -- this isn't actually necessary but just in case you need them
I then went to where the purchased certs are stored /home/admin/conf/web -- change admin to a different user if your not using the admin user.
copy the .crt and .key file to /usr/local/vesta/ssl
rename them certificate.crt and certificate.key
restart vesta