HTTPS Certificate

This is the area for a general support questions, discussions and information that you can read and share. Post your experiences, stats and tricks and tips that are not covered elsewhere. Remember, for questions please search the FAQ first, as your question may already be answered.

Moderators: wizard, magicspam

Post Reply
atindall
Posts: 6
Joined: Mon Jan 18, 2016 12:53 pm

HTTPS Certificate

Post by atindall » Mon Jan 18, 2016 4:10 pm

Thanks for the help with my last issue!

This one - whenever I'm switching from page to page in MagicSpam, I get a "Certificiate Authority Not Valid" error, and have to tell Chrome to continue. Clicking on the lock gives me "This CA Root certificate is not trusted. To enable trust, install this certificate in the Trusted Root Certification Authorities store."

Is there a particular place on the server where I can grab the .cer so I can import it into my local browser?

magicspam
Posts: 1553
Joined: Tue Oct 28, 2008 2:27 pm

Re: HTTPS Certificate

Post by magicspam » Mon Jan 18, 2016 5:16 pm

Hello atindall,

Thank you for your post.

Your browser is marking the site as insecure only because the MagicSpam
interface is using a self-signed certificate.

Normally Chrome should "remember" your choice to continue accessing the site
despite of the cert and not bother you with every page change.

As the MagicSpam interface should only be used by your internal staff,
it probably isn't worth the effort to load a properly signed certificate.

That being said, if you do want to load a properly signed certificate you
will need to edit the following file:

/etc/magicspam/httpd/magicspam.pem

This file must contain your PEM encoded certificate and private key.

Please note that currently the http daemon doesn't have a configuration for
a certificate chain so you will also need to create a file and place your
PEM encoded intermediate certificate chain in this file. You will then need
to edit the /etc/magicspam/httpd/httpd.conf file and add the "ssl.ca-file"
option to specify the file path of your certificate chain.

Finally, you can restart the daemon so that the changes take affect:

/etc/init.d/magicspam-httpd restart

After you complete this, if you use the correct hostname when accessing the
site, you shouldn't get any more SSL warnings (also assuming your
certificate is valid).

Please note that this operation is considered "non supported" as we
normally intend for people to just use the included self-signed
certificate.

Please let us know if this information helps to resolve your issue.
-- MagicSpam Support Team --

Post Reply

Return to “General Discussions and Support Questions”

Who is online

Users browsing this forum: No registered users and 10 guests