[BlueOnyx:13419] Re: Intermediate/chain certificate for Vsites
Michael Stauber
mstauber at blueonyx.it
Thu Jul 25 16:30:54 -05 2013
Hi David,
> Was testing different SSL certs to see how low in price and quality I
> could try till something complained..
> got to the 12 dollars ones when Firefox and IE quit trusting..
>
> Where is the best place to add the Intermediate/chain certificate
> (ca-bundle) where the changes won't be overwritten.
You can actually use the GUI to do that. It'll take care of it for you.
On the Vsite in question click on "SSL" and then on the button "Manage
Certificate Authorities". That allows you to upload the
intermediate/chain certificates.
The whole SSL stuff of BlueOnyx is handled via a the Perl-Script
/etc/httpd/conf.d/ssl_perl.conf
It checks CODB to see which Vsites have SSL enabled, checks the validity
of the certs, if they have intermediate/chain certs and then dynamically
generates the respective SSL-enabled Vhost containers via
Apache::PerlSections() (5106R) or Apache2::PerlSections() for 5107R/5108R.
That Perl-Module allows to generate Apache configurations at runtime.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list