X-Default-Received-SPF: pass (skip=loggedin (res=PASS)) x-ip-name=115-188-8-55-adsl.sparkbb.co.nz; envelope-from=<surgemail-support@netwin.co.nz>;
X-Received: from [192.168.1.119] (115-188-8-55-adsl.sparkbb.co.nz [115.188.8.55])
by netwin.co.nz (SurgeMail 7.5d) with ESMTP (TLS) id 33326389-1391920
for <surgemail-list@netwin.co.nz>; Thu, 18 Mar 2021 20:26:12 +0000
X-Return-Path: surgemail-support
Subject: Re: [SurgeMail List] ssl problems
To: surgemail-list@netwin.co.nz
References: <8189fe7d-af95-4d53-5877-0c37a7eb6ebf@lcrcomputer.info>
From: Surgemail Support
Message-ID: <f425f67c-eeb8-ec2d-e8d4-bb13e2ec8b2e@netwin.co.nz>
Date: Fri, 19 Mar 2021 09:26:10 +1300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101
Thunderbird/78.8.1
MIME-Version: 1.0
In-Reply-To: <8189fe7d-af95-4d53-5877-0c37a7eb6ebf@lcrcomputer.info>
Content-Transfer-Encoding: 8bit
Content-Language: en-US
X-Qnum: 33326389
X-Rcpt-To: <surgemail-list@netwin.co.nz>
X-SpamDetect: : 0.000000
X-Info: aspam skipped due to (g_smite_skip_relay)
X-Encryption: SSL encrypted
X-IP-stats: Incoming Last 0, First 0, in=3, out=0, spam=0 ip=115.188.8.55
List-Unsubscribe: <mailto:surgemail-list-leave@netwin.co.nz?subject=unsubscribe>
X-Mailing-List: surgemail-list@netwin.co.nz
List-ID: <surgemail-list@netwin.co.nz>
Precedence: bulk
Reply-To: surgemail-list@netwin.co.nz
(resend to check list)
If you don't have lets involved, and you don't have g_ssl_per_domain
enabled, then the folder you want is:
/usr/local/surgemail/ssl
And the file to put it in is:
surge_cert.pem (Certificate, followed by keychain)
and
surge_priv.pem (Your secret key)
After updating those files, restart surgemail. Check mail.err to see if
it reports any errors loading them. If the format is wrong/corrupt it
will fail, then restore the old files and restart surgemail.
(we recommend letsencrypt though as it's much easier, for 'most'
situations but does have some requirements) see
https://surgemail.com/knowledge-base/enable-ssl/
ChrisP
On 10/03/2021 12:15 pm, Lyle Giese wrote:
> I am using a third party ssl cert and it will expire on March 19th. I
> started the process to replace it today. I am unable to figure out
> how to upload the certificate and chain file. When using the
> webadmin, it accepts the upload, but I can not find where it put it on
> the server. It certainly did not put it at /usr/local/surgemail/ssl.
>
> I looked up the instructions for manual installation of certificates
> and that doesn't work. No matter what combination of commands and
> incantations, Surgemail reverts to the old cert that expires on March
> 19th. I am unable to figure where it's finding that certificate and
> pulling it in. the lets subdirectory is empty(I am not using LETS as
> I don't have the webmail on port 80 or 443). I can not find any
> pointers in surgemail.ini that would point to anything other than
> /usr/local/surgemail/ssl
>
> Lyle Giese
>
>
>
|