Thanks for the help with my last issue!
This one - whenever I'm switching from page to page in MagicSpam, I get a "Certificiate Authority Not Valid" error, and have to tell Chrome to continue. Clicking on the lock gives me "This CA Root certificate is not trusted. To enable trust, install this certificate in the Trusted Root Certification Authorities store."
Is there a particular place on the server where I can grab the .cer so I can import it into my local browser?
HTTPS Certificate
Re: HTTPS Certificate
Hello atindall,
Thank you for your post.
Your browser is marking the site as insecure only because the MagicSpam
interface is using a self-signed certificate.
Normally Chrome should "remember" your choice to continue accessing the site
despite of the cert and not bother you with every page change.
As the MagicSpam interface should only be used by your internal staff,
it probably isn't worth the effort to load a properly signed certificate.
That being said, if you do want to load a properly signed certificate you
will need to edit the following file:
/etc/magicspam/httpd/magicspam.pem
This file must contain your PEM encoded certificate and private key.
Please note that currently the http daemon doesn't have a configuration for
a certificate chain so you will also need to create a file and place your
PEM encoded intermediate certificate chain in this file. You will then need
to edit the /etc/magicspam/httpd/httpd.conf file and add the "ssl.ca-file"
option to specify the file path of your certificate chain.
Finally, you can restart the daemon so that the changes take affect:
/etc/init.d/magicspam-httpd restart
After you complete this, if you use the correct hostname when accessing the
site, you shouldn't get any more SSL warnings (also assuming your
certificate is valid).
Please note that this operation is considered "non supported" as we
normally intend for people to just use the included self-signed
certificate.
Please let us know if this information helps to resolve your issue.
Thank you for your post.
Your browser is marking the site as insecure only because the MagicSpam
interface is using a self-signed certificate.
Normally Chrome should "remember" your choice to continue accessing the site
despite of the cert and not bother you with every page change.
As the MagicSpam interface should only be used by your internal staff,
it probably isn't worth the effort to load a properly signed certificate.
That being said, if you do want to load a properly signed certificate you
will need to edit the following file:
/etc/magicspam/httpd/magicspam.pem
This file must contain your PEM encoded certificate and private key.
Please note that currently the http daemon doesn't have a configuration for
a certificate chain so you will also need to create a file and place your
PEM encoded intermediate certificate chain in this file. You will then need
to edit the /etc/magicspam/httpd/httpd.conf file and add the "ssl.ca-file"
option to specify the file path of your certificate chain.
Finally, you can restart the daemon so that the changes take affect:
/etc/init.d/magicspam-httpd restart
After you complete this, if you use the correct hostname when accessing the
site, you shouldn't get any more SSL warnings (also assuming your
certificate is valid).
Please note that this operation is considered "non supported" as we
normally intend for people to just use the included self-signed
certificate.
Please let us know if this information helps to resolve your issue.
-- MagicSpam Support Team --
Who is online
Users browsing this forum: No registered users and 1 guest