Hi Fabrice,
I’m actually trying to fix my bug about certificates. I did the same thing as
said in previous mails.
My administration’s board ( https://server:1443/admin/ ) is certificated but my
portal board is not.
How can I do the trick to fix it ?
Regards,
Yohann
________________________________
Yohann LE GALL
Administrateur Systèmes et Réseaux junior
[http://biocoop.eu/SignatureBiocoop/OWA_trait_biocoop.png]
[http://biocoop.eu/SignatureBiocoop/OWA_logo_Biocoop.png]<http://www.biocoop.fr/>
[http://biocoop.eu/SignatureBiocoop/OWA_text_logo.png]<http://www.biocoop.fr/>
www.biocoop.fr<http://www.biocoop.fr>
[http://biocoop.eu/SignatureBiocoop/OWA_instagram.png]<https://www.instagram.com/biocoop_officiel/?hl=fr>
[http://biocoop.eu/SignatureBiocoop/OWA_Twitter.png]
<http://twitter.com/biocoop/>
[http://biocoop.eu/SignatureBiocoop/OWA_logo_pinterest.png]
<http://fr.pinterest.com/biocoop/>
[http://biocoop.eu/SignatureBiocoop/OWA_FACEBOOK.png]
<https://fr-fr.facebook.com/Biocoop>
Adoptez l'éco-attitude: N'imprimez ce document que si nécessaire
De : Luís Torres via PacketFence-users
[mailto:packetfence-users@lists.sourceforge.net]
Envoyé : mardi 3 octobre 2017 16:52
À : packetfence-users@lists.sourceforge.net
Cc : Luís Torres <luistorr...@iol.pt>
Objet : Re: [PacketFence-users] Captive Portal certificate
Fabrice,
my bad..., the crt and key was not correctly exported.
Followed this procudure from de .pfx and it worked like you said:
ake the file you exported (e.g. certname.pfx) and copy it to a system where you
have OpenSSL installed. Note: the *.pfx file is in PKCS#12 format and includes
both the certificate and the private key.
Run the following command to export the private key: openssl pkcs12 -in
certname.pfx -nocerts -out key.pem -nodes
Run the following command to export the certificate: openssl pkcs12 -in
certname.pfx -nokeys -out cert.pem
Run the following command to remove the passphrase from the private key:
openssl rsa -in key.pem -out server.key
Thanks
Em 2017-10-03 14:54, Fabrice Durand via PacketFence-users escreveu:
You probably did a mistake with the concatenated certificate.
Is there any empty lines in the file ?
Le 2017-10-03 à 09:48, Luís Torres via PacketFence-users a écrit :
Hi Fabrice,
Just did that, restarted the haproxy but the result was :
ERROR pfcmd.pl(50729): pf::services::manager::haproxy=HASH(0xade6b0)->name died
or has failed to start (pf::services::manager::postStartCleanup)
the service HAproxy wont start
regards
LT
Em 2017-10-03 14:13, Fabrice Durand via PacketFence-users escreveu:
In fact haproxy terminate the ssl tunnel so you don't have to change the
ssl-certificates.conf file.
This file is just use for the admin interface now and not the portal anymore.
So just do that: (MyCERT.crt and MyPRIVKEY.key are your certificate files)
cat conf/ssl/MyCERT.crt conf/ssl/MyPRIVKEY.key > conf/ssl/server.pem
Regards
Fabrice
Le 2017-10-03 à 05:25, Luís Torres via PacketFence-users a écrit :
thank you Fabrice,
The ssl-certificates.conf should be like this as well? :
SSLCertificateChainFile %%install_dir%%/conf/ssl/server.pem
cheers
Em 2017-10-02 23:49, Durand fabrice via PacketFence-users escreveu:
Hello Luís,
you need to concatenate the certificates like that:
cat conf/ssl/server.crt conf/ssl/server.key > conf/ssl/server.pem
and restart haproxy
Regards
Fabrice
Le 2017-10-02 à 10:57, Luís Torres via PacketFence-users a écrit :
Hi,
to stop the cert error on the captive portal, its only need to change it on
ssl-certificates.conf to point to the correct ones?
thanks
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
fdur...@inverse.ca<mailto:fdur...@inverse.ca> :: +1.514.447.4918 (x135) ::
www.inverse.ca<http://www.inverse.ca>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
fdur...@inverse.ca<mailto:fdur...@inverse.ca> :: +1.514.447.4918 (x135) ::
www.inverse.ca<http://www.inverse.ca>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
