SSL Certificates & Upgrading from NowSMS Windows to NowSMS NextGen ...

SSL Certificates & Upgrading from NowSMS Windows to NowSMS NextGen ... SearchSearch
Author Message
Des - NowSMS Support
Board Administrator
Username: Desosms

Post Number: 6277
Registered: 08-2008
Posted on Thursday, April 22, 2021 - 03:46 am:   

From a tech support e-mail inquiry:


quote:

I have built the server, migrated the data and installed the next-gen linux onto CentOS7. I am getting an SSL error when I try to login via the web ui. I see in the directory /var/lib/nowsms/ I have the SSL files copied from the old server and I see there are new ones SSLPRIV.KEY and SSLPRIV.CRT. Can I just remove these and use the ssl.ca, ssl.crt and ssl.key or do I need to overwrite the private certs?




Ignore SSLPRIV.KEY and SSLPRIV.CRT. These are self-generated and used ONLY if SSL has not been configured.

It is acceptable to copy SSL.CA, SSL.CRT and SSL.KEY from a previously configured NowSMS server. We also recommend copying SSL.INI, if the file exists. But note that most Linux file systems are case sensitive, so these filenames should all be upper case. Also note that any change to the SSL certificate that is performed by updating these files will not take effect until NowSMS is restarted. (From a terminal window, use the command NowSMS /restart)

Alternatively, it is also possible to edit/update the SSL certificate via the web interface. This does not require a service restart, and NowSMS will report any errors when attempting to apply the certificate.

If no certificates have yet, been generated, use the “Install & Manage Certificates” button.



Use the “Edit” button to replace the private key (SSL.KEY) and certificate (SSL.CA).

(SSL.CSR and SSL.CRT are not actually used by the server, so there is no option to edit.)

A “Save Certificates” button will appear after you have entered the certificate data.



One somewhat common problem that can occur when moving certificates is if the private key was generated with a password.

NowSMS needs to have this password to decode the SSL configuration files.

This password is saved in a scrambled format in the SSL.INI file. So, if you are copying SSL configuration from another NowSMS server, copy SSL.INI, SSL.KEY and SSL.CA. (SSL.CSR and SSL.CRT can also be copied, but as note above, the server does not actually use these files.)

If you have password protected SSL files and you do not have an SSL.INI from another NowSMS server, use the “Create Certificate Signing Request (CSR)” button.



NowSMS will save the password in a scrambled format to SSL.INI. Now that the server has the password, it is possible to edit the “Private Key” and “Certificate” files to apply the password protected versions.

Add Your Message Here, or click here to start a new topic.
Post:
Bold text Italics Underline Create a hyperlink Insert a clipart image
Options: Automatically activate URLs in message
Action: