Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - wvanelten

Pages: [1]
1
@nederlandlive, Do you have anymore detail on this? I can't seem to get it to work, but I don't know if I have my cert in the proper order.

This is my order:

Cert
Intermediate
Root CA
Key

according to Novell it should be:
Key
Cert
Intermediat-chain

source: https://www.novell.com/support/kb/doc.php?id=7013103

2
Hi All,

To fix this for postfix, dovecot, sogo and the webadmin page, i'm using the following hook (based on a solution mentioned elsewere on this forum.. but lost the link  :-\) in combination with sslmate and Zentyal 4.2.1
Put the following in /etc/zentyal/hooks/ca.postsetconf (replace 'example.com' with your domain) and make sure it's executable, e.g. #chmod +x /etc/zentyal/hooks/ca.postsetconf:

Code: [Select]
#!/bin/sh
rm /etc/dovecot/private/dovecot.pem && ln -s /etc/sslmate/\*.example.com.chained.key.crt /etc/dovecot/private/dovecot.pem
rm /etc/postfix/sasl/postfix.pem && ln -s /etc/sslmate/\*.example.com.chained.key.crt /etc/postfix/sasl/postfix.pem
rm /var/lib/zentyal/conf/ssl/ssl.pem && ln -s /etc/sslmate/\*.example.com.chained.key.crt /var/lib/zentyal/conf/ssl/ssl.pem
rm /etc/ocsmanager/example.com.pem && ln -s /etc/sslmate/\*example..com.chained.key.crt /etc/ocsmanager/example.com.pem
exit 0

The crt consists of the full chain + the key (at the end).

Restart services:

Code: [Select]
#service zentyal ca restart
#service zentyal webadmin restart
#service zentyal mail restart
#service apache2 restart

Might be a good alternative to the above for someone (it works for me ;-)).

Cheers,
Joost

There is a typo in the ca.postsetconf.
that might be the problem if you didn't fix that.
it should be: (ocsmanager part is changed)
Code: [Select]
#!/bin/sh
rm /etc/dovecot/private/dovecot.pem && ln -s /etc/sslmate/\*.example.com.chained.key.crt /etc/dovecot/private/dovecot.pem
rm /etc/postfix/sasl/postfix.pem && ln -s /etc/sslmate/\*.example.com.chained.key.crt /etc/postfix/sasl/postfix.pem
rm /var/lib/zentyal/conf/ssl/ssl.pem && ln -s /etc/sslmate/\*.example.com.chained.key.crt /var/lib/zentyal/conf/ssl/ssl.pem
rm /etc/ocsmanager/example.com.pem && ln -s /etc/sslmate/\*.example.com.chained.key.crt /etc/ocsmanager/example.com.pem
exit 0

also; owner sould be root:root
Code: [Select]
sudo chown root:root /etc/sslmate/\*.example.com.chained.key.crt
and:
/etc/dovecot/private/dovecot.pem should be chmod 400
/etc/postfix/sasl/postfix.pem should be chmod 400
/var/lib/zentyal/conf/ssl/ssl.pem should be chmod 600
/etc/ocsmanager/eltomation.com.pem should be chmod 644

So I recommend to cp instead of ln -s.

3
Is there already a better way to do this?
These options do not work here with 4.2.1.3

4
Contributions / Tips&Tricks / Features Requests / [Feature Request] IPv6
« on: January 15, 2016, 11:11:15 am »
XS4All in the Netherlands supplies native IPv6. We use that a lot and all our services support it.
However, Zentyal doesn't.
Please start supporting IPv6. Not having IPv6 nowadays is outdated.

5
Hi there,

Planned on using Zentyal as replacement of our SBS 2008.

One thing I'm missing and struggling with to get it working is:

We have a wildcard SSL certificate.
I want to use that certificate in zentyal, for the webmin, webmail, e-mail and so on.
However, there is no import button for this.
And replacing the files with my own file works, for a moment. Than it gets replaced with the zentyal ones.

Please make it possible to import and use our own certificates.

ps. using Zentyal 4.2.1.3

Pages: [1]