Koozali.org: home of the SME Server

SME 10.1 and GoDaddy SSL

Offline dallas

  • ***
  • 43
  • +0/-0
SME 10.1 and GoDaddy SSL
« on: March 10, 2025, 06:14:04 AM »
I'm having a problem updating my expired GoDaddy SSL certificates using Server Manager.
I have also noticed that the server.crt and server.key sections are the same.

I have found Certificate Concepts page in the wiki and it references another page, Certificate Intergration GoDaddy Certificate. This page relates to 7.5.1 and says it should relate to SME 8 and 9.

I tried to copy and paste the new GoDaddy keys into Server Manager and I lost contact with my server and had to use signal-event certificate-revert to recover.

Am I missing something, or should I just use command line and put the files in the correct place?

Offline Stefano

  • *
  • 10,894
  • +3/-0
Re: SME 10.1 and GoDaddy SSL
« Reply #1 on: March 10, 2025, 03:48:15 PM »
please, post the output of
Code: [Select]
config show modSSL

Offline dallas

  • ***
  • 43
  • +0/-0
Re: SME 10.1 and GoDaddy SSL
« Reply #2 on: March 10, 2025, 11:18:27 PM »
[root@www home]# config show modSSL
modSSL=service
    CommonName=haggar.id.au
    TCPPort=443
    access=public
    status=enabled

Offline Stefano

  • *
  • 10,894
  • +3/-0
Re: SME 10.1 and GoDaddy SSL
« Reply #3 on: March 11, 2025, 09:06:26 AM »
ok.. do you have the key, cert and chain cert?

your config should look like this:
Code: [Select]
[root@sme9 ~]# config show modSSL
modSSL=service
    CertificateChainFile=/etc/dehydrated/certs/mind-at-work.it/chain.pem
    TCPPort=443
    access=public
    crt=/etc/dehydrated/certs/mind-at-work.it/cert.pem
    key=/etc/dehydrated/certs/mind-at-work.it/privkey.pem
    status=enabled

Offline dallas

  • ***
  • 43
  • +0/-0
Re: SME 10.1 and GoDaddy SSL
« Reply #4 on: March 12, 2025, 03:04:11 AM »
GoDaddy provides the following files.

********.crt
********.pem
and a gd_bundle-g2-g1.crt

I assume that the key file is the .crt, the .pem is obvious, where does the gd-bundle fit?

Offline Stefano

  • *
  • 10,894
  • +3/-0
Re: SME 10.1 and GoDaddy SSL
« Reply #5 on: March 12, 2025, 09:20:57 AM »
check your files, the first line in key is

Code: [Select]
-----BEGIN PRIVATE KEY-----

the bundle file contains all the certificate chain, so from the CA one to the server one, with one or more intermediate cert

I have a godaddy cert here from a customer of mine, will check on a test machine..
anyway, it seems to me you don't have the key

Offline dallas

  • ***
  • 43
  • +0/-0
Re: SME 10.1 and GoDaddy SSL
« Reply #6 on: March 15, 2025, 03:40:00 AM »
check your files, the first line in key is

Code: [Select]
-----BEGIN PRIVATE KEY-----

the bundle file contains all the certificate chain, so from the CA one to the server one, with one or more intermediate cert

I have a godaddy cert here from a customer of mine, will check on a test machine..
anyway, it seems to me you don't have the key

I think you are correct about the key. This is a new server since the last SSL update and GoDaddy says to get a new key. I have requested a rekey and will see how that goes.