Hi List, yesterday there was a packet update that deleted the ssl files: "certificate", "key" and "ca-certs" in the certs directory of a site on the machine and created new ones. Additionally the files that sendmail uses (/usr/share/ssl/certs/ca-bundle.crt and /usr/share/ssl/certs/sendmail.pem) were overridden with newly created ones.
As neither sendmail nor httpd have been updated their configuration didn't get updated. But why have these certificates been overridden? They have all been installed by hand - the certificate for the webserver because of the known SSL-problem of the GUI and the sendmail certificate because I do not know another way to import an officially signed certificate. List of changes reported by /var/log/yum: Apr 10 06:00:26 Updated: base-dns-glue-1.1.0-93BX40.el6.noarch Apr 10 06:00:27 Updated: base-dns-ui-1.1.0-93BX40.el6.noarch Apr 10 06:00:28 Updated: base-dns-locale-ja_JP-1.1.0-93BX40.el6.noarch Apr 10 06:00:28 Updated: base-dns-capstone-1.1.0-93BX40.el6.noarch Apr 10 06:00:30 Updated: base-dns-locale-ja-1.1.0-93BX40.el6.noarch Apr 10 06:00:31 Updated: base-dns-locale-en_US-1.1.0-93BX40.el6.noarch Apr 10 06:00:32 Updated: base-dns-locale-de_DE-1.1.0-93BX40.el6.noarch Apr 10 06:00:33 Updated: base-dns-locale-da_DK-1.1.0-93BX40.el6.noarch It is not a big problem at the moment as I restored my certificates from a backup and made the files immutable - but I think to know the reason would be good anyway. Regards, Tobias Gablunsky Servertechnik Server Management ____________________________________________ CBXNET combox internet GmbH Lützowstr. 106 | 10785 Berlin Tel: +49 (30) 5900 69-41 Fax: +49 (30) 5900 69-99 www.cbxnet.de Event Connect - Internet für Ihren Event! Tel: +49 (30) 5900 69-80 www.event-connect.de Amtsgericht Berlin-Charlottenburg HRB 71171 Geschäftsführer: Lutz Treutler > -----Original Message----- > From: blueonyx-boun...@mail.blueonyx.it > [mailto:blueonyx-boun...@mail.blueonyx.it] On Behalf Of > Maurice de Laat > Sent: Wednesday, April 11, 2012 12:43 AM > To: BlueOnyx General Mailing List > Subject: [BlueOnyx:10106] Re: Error on SSL-cert import > > Hi Chris, > > On Tue, Apr 10, 2012 at 10:30:06AM -0500, Chris Gebhardt - VIRTBIZ > Internet wrote: > > > Hmmm. Will this negatively impact any other operations for a site? > > Not that I've noticed. I have it like this for about 6 months > now on a > site. > > I've installed another ssl site (by hand, not by GUI) last > week (also on > 5107R), but did in that case I didn't needed this trick to > get it working. > Perhaps because that latest site doesn't have any web server aliases, > where as the site that needed this line remarked does. > -- > Maurice de Laat > _______________________________________________ > Blueonyx mailing list > Blueonyx@mail.blueonyx.it > http://mail.blueonyx.it/mailman/listinfo/blueonyx > _______________________________________________ Blueonyx mailing list Blueonyx@mail.blueonyx.it http://mail.blueonyx.it/mailman/listinfo/blueonyx
