Fun with renewing a ssl csr, and the perils of email crm tracking

Sisyphus is still a role model

Sisyphus is still a role model

So i decided to renew the ssl (my blog), and that meant a new csr which i created.  Once the money business was dealt with things then did not go smoothly, although it verified ok, it then did not like some fields so reset my openssl.cnf and regenerate the file minus country zone and town which might be a criticism and make ssl providers of cheap end seem not interested in the concept of verification.

the www screws up verisign too in the process

postfix/smtpd[28695]: NOQUEUE: reject: RCPT from authmail1.verisign.com[69.58.183.55]: 554 5.7.1 <postmaster@www.*.tld>: Relay access denied; from=<*@*.com> to=<postmaster@*.tld> proto=ESMTP helo=<authmail1.verisign.com>

For contant emails i put no http://www.domain.tld but just domain.tld

Having put a stop to the annoying crm tracking emails with the money, i stop my ssl renewal for a week where i than mail bombed to death by the crm softwatre for not completing the order because the csr was deemed bad by there back end. and ssl does not just mean https. it means tls, and use in other applications its not a one trick pony.

I wreck my second attempt as i want www. and .x.tld.  Third time lucky get www and .tld in the certificate – (www goes first) ,  https is an install  breeze except my firefox config security.tls.version.min then throws a hissy fit, i reset it (my blog) Oh well easy come and easy go

It takes a bit of time to replace the old cert with the new cert, less than before. i make pem for the mail store and point it to the right file and postfix does not like my efforts but i copy the pem to postfix and that also seems to work, if it was just http then sure the process is easy, that is until i start on ssl configurations (my blog) and here i go from a+ back to a b in quays, due to openssl issues with tls which is not my fault.  Sigh.

i will cover the openssl apache issues later. in another post.

by golly but...

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s