Comments (10)
Added in 1.6.1.
from autoacme.
Just to be sure: I mean full chain in the PEM file, not PFX ;)
from autoacme.
First of all: Why would hMailServer need full chain? I use it as well, without full chain and without any problems. LE certificates have correct Authority Info Access, so client can build their chain without any problems.
Second, I can probably add it in future version, why not.
from autoacme.
Hi!
Oh ok, I tried it once with the certificate provided by autoACME and had issues with https://www.checktls.com/ as the full chain was not provided by the server.
Maybe it messed something up. If so, sorry for the issue opened!
Thanks!
Boris
from autoacme.
@ridercz - can you please provide the steps you take for using the certificates in hmailserver? With win-acme I got a chain/key pem file that I was able to use.
from autoacme.
@eleasarchriso AutoACME generates PFX files, You can use OpenSSL on the command line (and thus also script that) to split these up into their parts (e.g. PEM and PVK files), see for instance https://support.comodo.com/index.php?/comodo/Knowledgebase/Article/View/548/7/
from autoacme.
Ok thanks. Yes this is what I am doing now. I thought there might be some setting/option in AutoAcme that I was missing like the PEM folder in the configs.
Is there any option to run some script after a new certificate was downloaded where I could plug in this generation of the hmailserver certificates?
from autoacme.
@eleasarchriso No, I'm not aware of such a feature, but you could open a request for that: Pre- and post-request scripts could maybe be added to the certificate host information, so that only specific certificates would trigger these actions.
from autoacme.
Hi!
I was just playing around with it. Most software (e.g. Joomla, MX Toolbox, luxsci) apparently will not consider the certificate trustworthy, if the server is not sending the full chain. Currently hMailserver is using the PEM and CRT file, that are created during issuing process (completely ignoring the PFX file) as is.
Any plans on exporting the full chain into the CRT file? That might fix this issue. It does work, if I copy the contents manually into the file..
Thanks,
Boris
from autoacme.
@Ich79 I assume that when you say "the full chain" you mean the chain up to (but excluding) the root CA, right? E.g. the domain cert and the intermediate cert, but not the root cert.
from autoacme.
Related Issues (20)
- Getting 404 and AutoACME HTTP Error 403.14 - Forbidden HOT 1
- Remote Server Returned 404 Error Question HOT 9
- urn:acme:error:m alformed: Unable to update challenge :: provided key authorization was incorrect HOT 1
- Waiting for authorization.....Failed! HOT 3
- Request failed when adding a new host HOT 5
- Waiting for authorization....Failed! HOT 2
- Add support for IDN
- Version 1.6 error loading System.Net.HTTP HOT 2
- Failed to setup HOT 1
- Unable to connect to the remote server HOT 9
- Certificate renewal failure - Completing challenge...Challenge Invalid HOT 2
- Upgrade instructions: ACMEv1 to ACMEv2? HOT 8
- Save CRT and PEM certificates HOT 11
- IIS rewrite url is not work HOT 2
- Cert removed, Update failed HOT 5
- Obtaining an Elliptic Curve certificate from Let's Encrypt HOT 3
- Renewal of SSL certificate - Challenge Invalid (timeout during connect - likely firewall problem) HOT 5
- When running the Setup SFX, extract the files to a subdirectory HOT 5
- The remote name could not be resolved: 'acme-v02.api.letsencrypt.org' HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from autoacme.