Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: Snoopyski on March 26, 2008, 05:02:00 PM
-
Hello Everyone,
I try to get out the error message about the certificate of my web site on my SME Server 7.3...
I try all contribs and HowTo but, the "bug" was not 100% resolved !!! And it's more difficult with IE7 and Firefox 3...
So any suggestion will be appreciated... If I need to buy something "real certificate" it's OK but where ? And what type of certificate ?
Thanks,
Snoopyski
-
I try all contribs and HowTo but, the "bug" was not 100% resolved !!! And it's more difficult with IE7 and Firefox 3...
It depends on what the error messages are, it could be one or more of three (this is for IE 7):
- The security certificate was issued by a company you have not chosen to trust. View the certificate to determine whether you want to trust the certificate authority.
This is because SME Server uses a self-signed certificate by default. This type of certificate is never trusted by default. This error could be fixed by installing the certificate on the/each client. - The security certificate has expired or is not yet valid
This is an error that can not be overwritten as it implies a serious error in your certificate it has either expired or is not valid. You can only resolve this by recreating a certificate with a valid generation and expiry date. - The name of the security certifcate is invalid or does not match the name of the site
This might be the case as SME Server uses one certificate for all (virtual) domains, you can not solve this in any other way than generating/buying and configuring certificates for each domain on it's own. A workaround is to only access the domain by the one that is listed in the certificate.
Hope this helps, perhaps you can extend on what errors you are experiencing.
-
I have found the thawte https://www.thawte.com/ssl-digital-certificates/buy-ssl-certificates/?click=buyssl-buttonsleft (https://www.thawte.com/ssl-digital-certificates/buy-ssl-certificates/?click=buyssl-buttonsleft)certificate to work great with my sme 7.3 and the least expensive choice (ssl123 @ $149.00 usd) works just fine. The posts shown in the forum and on the faq page were accurate for me and worked ok.
-
Snoopyski
You don't need to buy a certificate unless you have high level security verification needs, eg a business/corporate running a oscommerce web site or similar, just install the self signed certificate to your browser the first time you do a https://yourdomain type of access.
For email clients, in the IMAP/POP & SMTP server name fields, use the server name format instead of the server IP or the mail.mydomain.com format.
eg if your server is named myserver use
myserver.mydomain.com
That way you won't get errors in your browser or in your email client when using the self signed certificate.
-
Or use this howto http://wiki.contribs.org/Custom_CA_Certificate
With that you can get free certificates from cacert.org
- Frederik
-
Hello,
Yes, I know but user's need to add CACERT Certificate in IE to get free of error message... But user's don't know who to get it...
I just want to minimise manipulation about accessing my web site !
Thanks,
Snoopyski
-
My home site is just really a bookmark site for myself and a few friends.
I've added a small statement that to use this site you need this certificate.
Firefox users tend to have no problems but IE user forget to add the cert to the the "Trusted Certs" storage folder.
https://secure.magicwilly.info/
-
Snoopyski
I just want to minimise manipulation about accessing my web site !
Did you read my earlier post, which provides the answer.