
Renewing my self signed certificates

Posted: 29 Nov 2017, 11:38
by viking60
I have to write this down...

I had set up my self signed certificates to get SSL for my (CentOS 7) viking server.

After one year they expired and had to be renewed, and I will never remember how to do it, so that is why I am writing it down here:

Step 1:
Find your certificates:

Code:

grep SSLCertificate /etc/httpd/conf.d/ssl.conf

This will come up with something like this:

Code:

# Point SSLCertificateFile at a PEM encoded certificate. If
 SSLCertificateFile /etc/pki/tls/certs/ca.crt
 SSLCertificateKeyFile /etc/pki/tls/private/ca.key
 # Point SSLCertificateChainFile at a file containing the
 # the referenced file can be the same as SSLCertificateFile
 #SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt


Here we are interested in the SSLCertificateFile and SSLCertificateKeyFile directives (ca.crt and ca.key in this case).


Step 2
Check the permissions of the files:

Code:

ls -lh /etc/pki/tls/certs/ca.crt

Code:

ls -lh /etc/pki/tls/private/ca.key

They are owned by root and can only be read and written to by root (permission 600). Your new files will need the same permissions when you’re done.

Step 3
Create the New Self-Signed Certificate and Key Files - as root:

Code:

openssl req -new -days 365 -x509 -nodes -newkey rsa:2048 -out /etc/pki/tls/certs/ca.crt -keyout /etc/pki/tls/private/ca.key

If you want your certificate to last longer than one year this would be the place to do it....

Step 4
Restart your server:

Code:

sudo systemctl restart httpd


It's as easy as that
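
The checks below are an added example, not part of the original post: after Step 3 they confirm that the new certificate and key belong together, that the certificate is not about to expire, and that the key file has the 600 mode from Step 2. The function names are made up for this example, and `stat -c` assumes GNU coreutils as found on CentOS.

```shell
#!/bin/sh
# Added example: post-renewal checks for the pair named in ssl.conf.
# Usage: sh check_renewal.sh /etc/pki/tls/certs/ca.crt /etc/pki/tls/private/ca.key

# Succeeds when the public key inside the certificate equals the one
# derived from the private key (returns 2 if either file is unreadable).
cert_matches_key() {
    local cert_pub key_pub
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey) || return 2
    key_pub=$(openssl pkey -in "$2" -pubout) || return 2
    [ "$cert_pub" = "$key_pub" ]
}

# Succeeds when the certificate is still valid N days from now (default 30).
cert_valid_for_days() {
    openssl x509 -in "$1" -noout -checkend $(( ${2:-30} * 86400 )) >/dev/null
}

# Succeeds when the file mode is exactly 600 (GNU stat assumed).
key_mode_is_600() {
    [ "$(stat -c '%a' "$1")" = "600" ]
}

# Runs all three checks, reports every failure, returns non-zero if any failed.
check_renewal() {
    local cert="$1" key="$2" rc=0
    cert_matches_key "$cert" "$key" \
        || { echo "FAIL: certificate and key do not match"; rc=1; }
    cert_valid_for_days "$cert" 30 \
        || { echo "FAIL: certificate expires within 30 days"; rc=1; }
    key_mode_is_600 "$key" \
        || { echo "FAIL: key file mode is not 600"; rc=1; }
    if [ "$rc" -eq 0 ]; then
        echo "OK: $(openssl x509 -in "$cert" -noout -enddate)"
    fi
    return "$rc"
}

# Only run when called with the two paths; defining the functions is harmless.
if [ "$#" -eq 2 ]; then
    check_renewal "$1" "$2"
fi
```

Running it before the restart in Step 4 catches a mismatched pair before httpd refuses to start.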

Re: Renewing my self signed certificates

Posted: 29 Nov 2017, 11:57
by viking60
So now you can check out https://viking60.no-ip.org/owncloud

...and you will get a lot of protests about untrusted because it is self signed or something like that.

This is because I do not pay the NSA cooperating certificate dudes - with gag orders - money.

If you ask me I am more trustworthy than them (Well I think so :-D )

Common name: viking60-no-ip.org
Organization: viking60.no-ip.org
Org. Unit: viking60-no-ip.org
Location: NO
Valid from November 29, 2017 to August 25, 2020
Serial Number: 15708010913675866908 (0xd9fe10b38d9bf31c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: viking60-no-ip.org

This is up to you though, and remember: the site is way more secure with SSL than without it, and plain HTTP would give you no warning.

So press all the buttons to accept the certificate.

In FF it is under Advanced and add exception but different browsers have different complaints so you need to find the buttons and push them.

Regarding the backup of this board: you will get an error because the vanilla phpBB does not accept the MySQL database anymore.
That is a real problem and I am working on it.