Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » SSL Certificate confusion
  •  
m.sand

Messages: 35
Karma: -4
Send a private message to this user
Hi,
using Kerio 9.0.2 on Linux and trying to get rid of the Certification Warnings in Chrome. The RapidSSL certificate I currently have is a SHA256 but issued back in 2014 so the root is using RapidSSL SHA-1 root CA Certificate.

In my attempts to fix this I have ended up with multiple Active Certificates and one Default Certificate. They are all still valid (expiring in 2017).
When I generate a CSR and issue it to RapidSSL to get a SHA256 Certificate I get the missing private key error when I try to import the CSR + intermediate certificate.

This leads me to think Kerio is generating the CSR from some other private key (I have 6 .key files in /opt/kerio/mailserver/sslcert, been using kerio for 8 years).
I have tried selecting a certificate in the admin interface and then click the CSR button but same problem.

Question:
I have read in the KB that if the key and crt files are removed from /opt/kerio/mailserver/sslcert Kerio will generate a new self-signed certificate.
Anyone think this would this help me to generate a CSR, get the certificate and then be up and running again?

Sincerely,
/Mattias
  •  
ArthurV

Messages: 7
Karma: -2
Send a private message to this user
I'd say you have to import the returned certificate file (which could be the certificate text + intermediate text) PLUS the key that was used at the time the CSR (to obtain the certificate) was made. To make sure which key was generated during the CSR you could probably give this private key a helpfull filename. You could find it by date (same date as the corresponding CSR).
  •  
m.sand

Messages: 35
Karma: -4
Send a private message to this user
I shut down Kerio, cleaned out all files from the sslcert directory and restarted. Created a new CSR and re-issued the certificate from RapidSSL. All is now well.

Thanks,
/Mattias
Previous Topic: Problem with SSL certificate
Next Topic: disappearing events in iCal
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Fri Aug 18 05:08:45 CEST 2017

Total time taken to generate the page: 0.00776 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.