Re-Generate SSL Certificate

Reply
L1 Bithead

Re-Generate SSL Certificate

Hi, 

I'm in the process of hardening Expedetion (v 1.1.2) using the Expedition-Hardening-Guide.  Everything is going well, expect when I attempt to update the SSL certificate the changes do not seem to take effect.  I've even gone so far as to remove the old *snakeoil* files and replace them with new ones.  

 

Does anyone have advice on how to update to either a new self-signed certificate or trusted certificate?


Thanks,


L7 Applicator

Re: Re-Generate SSL Certificate

Probably you did but Have you restarted the apache daemon after the changes?

L1 Bithead

Re: Re-Generate SSL Certificate

Thanks for the feedback.  Yes I restarted both the service and the VM, it didn't seem to have any impact. 

Highlighted
L7 Applicator

Re: Re-Generate SSL Certificate

I just tried to run the 2 commands from the hardening guide and worked for me, Have you tried to use another browser to see if it gets the new certificate?

 

You can check in the config file if your apache is pointing to those certificates?

 

go to /etc/apache/sites-enabled 

 

and edit the file "default-ssl.conf and check for

 

SSLCertificateFile      /etc/ssl/certs/ssl-cert-snakeoil.pem

SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

 

Regards

L1 Bithead

Re: Re-Generate SSL Certificate

Thanks, a different browser picked up the new cert. 

Appreciate it!

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!