Well with the help of all you good folks I finally got a cert installed. It looks like the original problem was that the help-desk folks at NameCheap didn't issue the right type of cert for some reason. This time all was good but ... you were waiting for that weren't you!

Two "issues".

1) If I tell DCM to validate the application the cert is assigned to it throws a big red/pink X and says "The application has no Certificate Authorities defined in the application trust list." Earlier it had told me that all CAs would be trusted so I didn't assign anything. Am I OK leaving it like this? I don't recall having to do anything specific before.

2) If I attempt to validate the SSL status with sslshopper.com <http://sslshopper.com/> it tells me the cert expires in 12 days - and yes I forced it to refresh its cached information. The new cert is the only one assigned to the HTTP server - although I have not actually deleted the old one. Has Apache cached the old cert and I need to restart the servers to force it to see the new cert?

About the only good thing about certs expiring faster is that I'll be doing this more regularly and may actually get the hang of it eventually!


Jon P.

On May 25, 2022, at 8:53 PM, Pete Helgren <pete@xxxxxxxxxx> wrote:

I'll definitely be curious as to what the issue is. The old DCM was my go-to but I went through a full cycle of requesting the the new cert (using old CSR) and importing the resulting signed cert. It worked for the first time using the new DCM so I think, if everything is properly processed, the import will work.

I have only been using LetEncrypt with DCM lately but other CA's shouldn't be an issue (famous last words....)

Pete Helgren
www.petesworkshop.com
GIAC Secure Software Programmer-Java
AWS Certified Cloud Practitioner
Microsoft Certified: Azure Fundamentals
Twitter - Sys_i_Geek IBM_i_Geek

On 5/25/2022 6:25 PM, Jon Paris wrote:
Thanks for the step by step Pete.

Sadly it didn't help - I can only think that the helpdesk person who generated the cert messed something up.

I have issued a new Cert Request and sent the file to them attached to a support ticket. Had no choice but to go this route as their web process just stalls out during the validation phase.

Will update this thread when it is all fixed. Thanks goodness I didn't wait until the day before the old one expired!


Jon P
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related questions.

Help support midrange.com by shopping at amazon.com with our affiliate link: https://amazon.midrange.com


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.