Re: [Assp-user] Problems getting TLS working

Thu, 28 Dec 2017 14:20:41 -0800 

Aha!
So when froxlor is handling the certs, it has the individual cert, chain, key, CA files. I compared to my certs that I'd done with certbot directly and realized that I was giving ASSP the pure chain file, not a combined cert + chain file. I should have thought of that before since I have several other programs that require the combined one (and auto generate the pems for them). Since the root VPS domain isn't a "hosted" domain, it wasn't getting the full pem generated like the other domains. I updated it, generated the full chain pem, and now ASSP is happy with that one. 

Thanks for all the help guys!

Now I just need to get everything else tweaked..haha

Mark II

----- Message from "William L. Thomson Jr." <wlt...@o-sinc.com> ---------
    Date: Thu, 28 Dec 2017 10:41:47 -0500
    From: "William L. Thomson Jr." <wlt...@o-sinc.com>
Reply-To: For Users of ASSP <assp-user@lists.sourceforge.net>
 Subject: Re: [Assp-user] Problems getting TLS working
      To: assp-user@lists.sourceforge.net



On Wed, 27 Dec 2017 00:26:33 +0000
Mark D Montgomery II <techi...@techiem2.net> wrote:


Ok, so it SHOULD work.

In SSL Proxy and TLS Settings:
DoTLS: do TLS

SSLCertFile: /etc/ssl/froxlor-custom/mydomain_chain.pem
SSLKeyFile: /etc/ssl/froxlor-custom/mydomain.key
SSLCAFile: /etc/ssl/froxlor-custom/mydomain_CA.pem


Not sure which your using. Let's Encrypt filenames are fullchain.pem
and privkey.pem. Those should be the only two you need. Point
SSLCertFile to fullchain.pem and SSLKeyFile to privkey.pem. The
SSLCAFile should not be necessary. Leave that blank. That maybe what is
causing your problem now. Could try removing that first.

Otherwise if you modified the files from Let's Encrypt at all, do not.
They are good to go as they come from them.

--
William L. Thomson Jr.

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user



----- End message from "William L. Thomson Jr." <wlt...@o-sinc.com> -----



--
Mark D Montgomery II
techi...@techiem2.net
https://www.techiem2.net


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user






















					Reply via email to