I’ve bought an SSL Certificate from ssl.com its a basic certificate. e-g. example.domain.com.
now, I want to upload the certificate to Nethserver Certificates. But, I am not sure because in the upload section it asks three things: Certificate Private key Chain file
I downloaded the certificate from ssl.com and it contains two files. 1. ca-bundle-client.crt >> contains three certificates 2 example.domain.com.crt >> contains one certificate.
*Private Key I downloaded as well.
my question is which file I put where to upload the certificate.
I’d appreciate your help!
NethServer Version: NethServer 7.7.1908 Module: Web Server
I don’t know why you wouldn’t have just used Let’s Encrypt to get a trusted certificate for free, rather than paying for one, but…
example.comain.com.crt is the Certificate.
Private Key is the private key you downloaded–although if you downloaded the key, that means someone else has it, which is a Very Bad Thing™.
Chain file is the intermediate cert (or certs) between your server cert and the trusted root cert. It will likely be contained in the ca-bundle-client.crt file you downloaded, and you can probably use the whole thing as the chain file. To do it “right”, you’d need to decode each of the three certs there, remove the one that’s for your server, and use the rest.
Hey @danb35 Thanks for helping me out.
yes! you are right about Letsencrypt but it needs to be validated every three months. and last time when I updated the certificate all users had to reinstall the new certificate to use mail clients.
another reason to not use Letsencrypt is that I don’t want to open any ports.
You’d only need to do that if there’s a serious problem with your certificate configuration–most likely, that the hostname clients are connecting to (e.g., mail.yourdomain.com) isn’t covered by your certificate.