Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
i was in the process of installing a new ssl certificate via plesk and deleted it, i forgot to save the private key that was generated with the csr that was used to issue the certificate. does that mean i now have to generate a new csr, and have the certificate provider re-issue a new one?
Yes, you'd need to start over. Certificate Authorities usually offer a second (backup) try for free (for cases like yours).
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 1 year ago.
Improve this question
I need to update my tls secrets, there is any best practices to do that?,
The steps considered by now are:
Create new secrets
Update the ingress definition in order it could take the new tls secrets.
I canĀ“t use cert-manager with letsencript.
Any advice?
I need to update my tls secrets, there is any best practices to do
that?, by now, I think, I have to create new secrets and update my
ingress definition in order it could take the new tls secrets.
Yes you are right Or else you can update the existing secret directly and no changes will be required to do the ingress side.
Create the YAML file with same name of secret and changes will get over write.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
I would like to know if the public key depends on the used account. In other words, do I really have to use the same account on the server and the client when I add my public key (id_rsa.pub) in authorized_keys on the server?
Thanks.
The accounts don't matter. All that matters is that the client key is in the server account's authorized_keys file.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I have a simple question that I should know but I just want to make sure.
I want to buy an ssl certificate but when I called them up to order it they asked me if I wanted the certificate for "example.ca" or "www.example.ca". Not wanting to make a mistake I decided to get clarification from the experts here.
I had not expected this type of question for I believed that they were both virtually identical but after being asked this question I would also like to know in terms of programming if there should be anything else I should know about the difference between the two.
Thanks everyone
Get the certificate issued for www.example.ca, but make sure the vendor will issue you a certificate that includes the base example.ca domain name as a subject alt name. I know that GoDaddy's certificates do this, but you can check with other vendors as they probably do the same. Do not pay the extra cash for a SAN (Subject Alt Name) certificates. These are meant for people trying to protect multiple distinct hostnames (e.g. www.example.ca, www.otherexample.ca).
In terms of programming, some servers may require a separate IP address for each subdomain, so www.example.ca would be different from shop.example.ca.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I am looking for roughly how to generate new DKIM keys without effecting existing mail. It sounds like the only concern is mail in transit. Is there a common procedure for doing this?
You would generate a new key pair. Publish it in a new new selector._domainkey.example.com.
Wait for the new selector to propagate in DNS.
Update your e-mail system to use the new selector.
After a week or so, remove the old selector DNS record.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Today is friday and I'm a desperate sysadmin. I issued a demand of certificate for an HTTPS server, and just received it after more than a long week of waiting, but while my request was processed I lost the passphrase that secured my private key.
Given that I have the private key and the public key jointly generated with the passphrase (that I knew by the time), could there be a clever way to recover the lost passphrase.
Thanks in advance.
Not really. The point of these protection is precisely to make it infeasible to recover the password.
If the password wasn't too long, you might try brute force...
Your best option is probably to contact your CA and ask them to re-issue a certificate with a new CSR. Some might allow re-keying without an extra fee during the certificate validity period.