Main Board > Web Services

EZWeb Server and Automatic Security Certificate Reload using LET'S ENCRYPT SSL

(1/2) > >>

nmartinez@bristolind.com:
Hi everyone,
We are looking into an option to use an SSL certificate with EZWeb Server and while reading there is a section on the EZWeb Server documentation "Automatic Security Certificate Reload" where it talks about "Let's Encrypt SSL/TLS Certificates.  Wanted to see if anyone out there is using "Let's Encrypt SSL certs" with EZWeb Server and AUTO RENEWING them automatically.
Has anyone had any issues with this type of setup?  We can always get one from GoDaddy or another place, but liked the fact that documentation says that EZWeb will automatically be updated to use renewed certificate if one is found.
ALSO, our EZWeb is running on our on-prem RedHat Linux Server Version 8.3 and we will be allowing selected external sites via Firewall forwarding to get to our EZWeb server.
Thank you!

Mike King:
Were you able to get the Let's Encrypt interface to work for you?

PxPlus uses a standard .pem format file which is basically a text file with the private key and related certificates concatenated together -- should be pretty easy to obtain this from any SSL provider.

nmartinez@bristolind.com:
Hi Mike,
We had to put this project on hold, but will be picking it up in a couple of weeks. 

This is what we are thinking about doing:
. get an SSL for brealts@bristolind.com and this will bring us all the way to our on-prem firewall
. create a NAT rule to forward traffic from selected Tulip public IP addresses TO our on-prem private RedHat 8.3 server on port 443

Are we supposed to apply the SSL to our RedHat Linux server or just use the .PEM file with our EZWeb Server (point it to a path where this .PEM file is saved)?
Thank you, Mike!

nmartinez@bristolind.com:
Hi Mike,
When talking with GoDaddy support, they said I needed the CSR for the EZWeb Server.  How do I get this CSR, so I can provide it to them and generate the CRT?
Thank you!

Mike King:
Godaddy used to have a page that would allow you to create a CSR, otherwise you should be able to use OpenSSL to create your CSR and private key.

Navigation

[0] Message Index

[#] Next page

Go to full version