X-Junk-Score:   0 []
X-KAS-Score:   0 []
From: "=?utf-8?B?0KHQv9C40YDQvtCy0LAg0JLQu9Cw0LTQuNGB0LvQsNCy0LAg0KHQtdGA0LPQtQ==?= =?utf-8?B?0LXQstC90LA=?= vspirova@skzd.rzd.ru" <CGatePro@list.communigate.ru>
Received: from skzd-cggw-02.skzd.rzd.ru ([188.128.112.58] verified)
  by list.communigate.ru (CommuniGate Pro SMTP 6.3.7a)
  with ESMTP id 59344897 for cgatepro@list.communigate.ru; Tue, 15 Jun 2021 17:53:02 +0300
Received-SPF: pass
 receiver=mail.communigate.ru; client-ip=188.128.112.58; envelope-from=vspirova@skzd.rzd.ru
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=skzd.rzd.ru; s=mail;
	bh=MJ0ZKCOFJ9xNPf1JZcm0maX53eyk/qOvPVbhcAU91bY=;
	h=Content-Transfer-Encoding:Content-Type:To:From:Thread-Topic:MIME-Version:
	In-Reply-To:Message-Id:Date:Subject; b=ZJ/8MTqd0ghmvJjr4wLuqrfqVpDpRpzwcyDkUQ
	PfeDeBusK8N2XwGOUwRtIZiS/isyWpIGoZM0kylVeYABGihADCbzRhKH/mnsU0UCLm2rvRsZdpIzC
	byEkreUdb0waP4qhpUuP9UYX0tWM5wmf2e9eCftUEKVguisaG66nIS2I=
Received: by skzd-cggw-02.skzd.rzd.ru (CommuniGate Pro PIPE 6.2.15)
  with PIPE id 22703326; Tue, 15 Jun 2021 17:52:49 +0300
Received: from [10.244.1.132] (HELO skzd.oao.rzd)
  by skzd-cggw-02.skzd.rzd.ru (CommuniGate Pro SMTP 6.2.15)
  with ESMTP id 22703323 for CGatePro@list.communigate.ru; Tue, 15 Jun 2021 17:52:45 +0300
Received: from [10.51.11.28] (account vspirova@skzd.rzd.ru)
  by skzd.rzd (CommuniGate Pro IMAP 6.2.15)
  with XMIT id 2599865 for CGatePro@list.communigate.ru; Tue, 15 Jun 2021 17:52:45 +0300
Subject: RE: [CGP] Updating TLS keys and certificates securely.
Date: Tue, 15 Jun 2021 17:52:44 +0300
Message-Id: <208891e45a16774dbf970cafcbabb8a5@uc.skzd.rzd>
In-Reply-To: <list-59344899@mail.communigate.ru>
MIME-Version: 1.0
Thread-Topic: [CGP] Updating TLS keys and certificates securely.
Priority: Normal
Importance: normal
X-MSMail-Priority: normal
X-Priority: 3
Sensitivity: Normal
Thread-Index: Addh9hloVBKW/UBDRXyW6m3WXmhQUw==
To: "CommuniGate Pro Russian Discussions" <CGatePro@list.communigate.ru>
X-Mailer: CommuniGate Pro MAPI Connector 1.52.54.18/1.54.12.34
Content-Type: text/plain;
 charset="utf-8"
Content-Transfer-Encoding: quoted-printable

=D0=9A=D1=80=D0=BE=D0=BC=D0=B5 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=
=D0=BA=D0=B0=D1=82=D0=B0 =D0=BD=D0=B0=D0=BC =D1=82=D1=80=D0=B5=D0=B1=D1=83=
=D0=B5=D1=82=D1=81=D1=8F =D1=83=D1=81=D1=82=D0=B0=D0=BD=D0=BE=D0=B2=D0=B8=
=D1=82=D1=8C =D0=BD=D0=BE=D0=B2=D1=8B=D0=B9 =D0=BA=D0=BB=D1=8E=D1=87. =D0=
=A0=D0=B0=D0=BD=D0=B5=D0=B5 =D1=80=D0=B0=D0=B7=D0=BC=D0=B5=D1=80 =D0=BA=D0=
=BB=D1=8E=D1=87=D0=B0 =D0=B1=D1=8B=D0=BB 2048, =D0=B4=D0=BE=D0=BB=D0=B6=D0=
=B5=D0=BD =D0=B1=D1=8B=D1=82=D1=8C 4096. 
=D0=9A=D0=B0=D0=BA =D0=BF=D0=BE=D0=B4=D0=BA=D0=BB=D1=8E=D1=87=D0=B8=D1=82=
=D1=8C=D1=81=D1=8F =D1=87=D0=B5=D1=80=D0=B5=D0=B7 WebAdmin =D0=BF=D1=80=D0=
=B8 =D1=81=D0=BC=D0=B5=D0=BD=D0=B5 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=
=B8=D0=BA=D0=B0=D1=82=D0=B0 - =D1=8F =D0=BF=D0=BE=D0=BD=D0=B8=D0=BC=D0=B0=
=D1=8E.
=D0=A7=D1=82=D0=BE =D0=B1=D1=83=D0=B4=D0=B5=D1=82 =D1=81 =D0=BF=D0=BE=D0=BB=
=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D1=82=D0=B5=D0=BB=D1=8F=D0=BC=D0=B8, =D0=BF=
=D0=BE=D0=B4=D0=BA=D0=BB=D1=8E=D1=87=D0=B5=D0=BD=D0=B8=D0=B5 =D0=BA=D0=BE=
=D1=82=D0=BE=D1=80=D1=8B=D1=85 =D0=BD=D0=B0=D1=81=D1=82=D1=80=D0=BE=D0=B5=
=D0=BD=D0=BE =D1=87=D0=B5=D1=80=D0=B5=D0=B7 SSL?  =D0=9E=D0=BD=D0=B8 =D1=81=
=D0=BC=D0=BE=D0=B3=D1=83=D1=82 =D0=BF=D0=BE=D0=B4=D0=BA=D0=BB=D1=8E=D1=87=
=D0=B0=D1=82=D1=8C=D1=81=D1=8F =D0=BA =D1=81=D0=B5=D1=80=D0=B2=D0=B5=D1=80=
=D1=83, =D0=BF=D0=BE=D0=BA=D0=B0 =D0=BC=D1=8B =D0=B1=D1=83=D0=B4=D0=B5=D0=
=BC =D0=BF=D1=80=D0=BE=D0=B2=D0=BE=D0=B4=D0=B8=D1=82=D1=8C =D1=80=D0=B0=D0=
=B1=D0=BE=D1=82=D1=8B? 

-----Original Message-----
From: CommuniGate Pro Russian Discussions <CGatePro@list.communigate.ru> 
Sent: Tuesday, June 15, 2021 5:42 PM
To: CommuniGate Pro Russian Discussions <CGatePro@list.communigate.ru>
Subject: Re: [CGP] Updating TLS keys and certificates securely.

=D0=97=D0=B4=D1=80=D0=B0=D0=B2=D1=81=D1=82=D0=B2=D1=83=D0=B9=D1=82=D0=B5.

On 2021-06-15 17:12 , =D0=A1=D0=BF=D0=B8=D1=80=D0=BE=D0=B2=D0=B0 =D0=92=D0=
=BB=D0=B0=D0=B4=D0=B8=D1=81=D0=BB=D0=B0=D0=B2=D0=B0 =D0=A1=D0=B5=D1=80=D0=
=B3=D0=B5=D0=B5=D0=B2=D0=BD=D0=B0 vspirova@skzd.rzd.ru
wrote:
> =D0=97=D0=B4=D1=80=D0=B0=D0=B2=D1=81=D1=82=D0=B2=D1=83=D0=B9=D1=82=D0=B5.
> CGP 6.2.15.  =D0=9A=D0=BB=D0=B0=D1=81=D1=82=D0=B5=D1=80. 5000 =D0=BF=D0=
=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D1=82=D0=B5=D0=BB=D0=B5=D0=B9.
> =D0=A1=D0=BA=D0=BE=D1=80=D0=BE =D0=B7=D0=B0=D0=BA=D0=B0=D0=BD=D1=87=D0=B8=
=D0=B2=D0=B0=D1=8E=D1=82=D1=81=D1=8F =D0=BA=D0=BB=D1=8E=D1=87=D0=B8.
> =D0=9F=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D1=82=D0=B5=D0=BB=D0=B8 =
=D1=80=D0=B0=D0=B1=D0=BE=D1=82=D0=B0=D1=8E=D1=82 =D0=BF=D0=BE SSL =D1=87=D0=
=B5=D1=80=D0=B5=D0=B7 =D0=BC=D0=B0=D0=BF=D0=B8-=D0=BA=D0=BE=D0=BD=D0=BD=D0=
=B5=D0=BA=D1=82=D0=BE=D1=80 =D0=B2 MS Outlook.
> =D0=9F=D0=BE=D0=B4=D1=81=D0=BA=D0=B0=D0=B6=D0=B8=D1=82=D0=B5, =D0=BF=D0=
=BE=D0=B6=D0=B0=D0=BB=D1=83=D0=B9=D1=81=D1=82=D0=B0, =D0=BA=D0=B0=D0=BA =D0=
=B7=D0=B0=D0=BC=D0=B5=D0=BD=D0=B8=D1=82=D1=8C =D1=81=D0=B5=D1=80=D1=82=D0=
=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D1=8B =D1=81 =D0=BC=D0=B8=D0=BD=D0=B8=D0=
=BC=D0=B0=D0=BB=D1=8C=D0=BD=D1=8B=D0=BC =D0=BF=D1=80=D0=BE=D1=81=D1=82=D0=
=BE=D0=B5=D0=BC =D0=B4=D0=BB=D1=8F =D0=BD=D0=B8=D1=85? =D0=9F=D1=80=D0=B0=
=D0=B2=D0=B8=D0=BB=D1=8C=D0=BD=D0=BE =D0=BB=D0=B8 =D1=8F =D0=BF=D0=BE=D0=BD=
=D0=B8=D0=BC=D0=B0=D1=8E?
> 1. =D0=9F=D0=B5=D1=80=D0=B5=D0=B2=D0=B5=D1=81=D1=82=D0=B8 PKI Services =
=D0=B2 =D1=82=D0=B5=D1=81=D1=82=D0=BE=D0=B2=D1=8B=D0=B9 =D1=80=D0=B5=D0=B6=
=D0=B8=D0=BC.
> 2. =D0=91=D1=8B=D1=81=D1=82=D1=80=D0=B5=D0=BD=D1=8C=D0=BA=D0=BE =D1=83=D0=
=B4=D0=B0=D0=BB=D0=B8=D1=82=D1=8C =D1=81=D1=82=D0=B0=D1=80=D1=8B=D0=B9 =D0=
=BA=D0=BB=D1=8E=D1=87 =D0=B8 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=
=BA=D0=B0=D1=82 3.=D0=A1=D0=BE=D0=B7=D0=B4=D0=B0=D1=82=D1=8C =D0=B7=D0=B0=
=D0=BF=D1=80=D0=BE=D1=81 =D0=BD=D0=B0 
> =D0=B2=D1=8B=D0=BF=D1=83=D1=81=D0=BA =D0=BD=D0=BE=D0=B2=D0=BE=D0=B3=D0=BE=
 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D0=B0, =D0=B2=
=D1=8B=D0=BF=D1=83=D1=81=D1=82=D0=B8=D1=82=D1=8C =D0=B5=D0=B3=D0=BE.
> 4. =D0=A3=D1=81=D1=82=D0=B0=D0=BD=D0=BE=D0=B2=D0=B8=D1=82=D1=8C =D0=BD=D0=
=BE=D0=B2=D1=8B=D0=B9 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=
=B0=D1=82
> 5. =D0=9F=D0=B5=D1=80=D0=B5=D0=B2=D0=B5=D1=81=D1=82=D0=B8 PKI Services =
=D0=B2 =D1=80=D0=B5=D0=B6=D0=B8=D0=BC Enable?

=D0=97=D0=B0=D0=BF=D1=80=D0=BE=D1=81 =D0=BD=D0=B0 =D0=BD=D0=BE=D0=B2=D1=8B=
=D0=B9 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82 (CSR) =
=D0=BC=D0=BE=D0=B6=D0=BD=D0=BE =D1=81=D0=B3=D0=B5=D0=BD=D0=B5=D1=80=D0=B8=
=D1=82=D1=8C =D0=BF=D1=80=D0=B8 =D1=83=D1=81=D1=82=D0=B0=D0=BD=D0=BE=D0=B2=
=D0=BB=D0=B5=D0=BD=D0=BD=D0=BE=D0=BC =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=
=D0=B8=D0=BA=D0=B0=D1=82=D0=B5 (=D0=B5=D1=81=D0=BB=D0=B8 =D0=BD=D0=B5 =D0=
=BC=D0=B5=D0=BD=D1=8F=D0=BB=D0=B8=D1=81=D1=8C =D0=BF=D0=B0=D1=80=D0=B0=D0=
=BC=D0=B5=D1=82=D1=80=D1=8B). =D0=92=D0=BE=D0=BE=D0=B1=D1=89=D0=B5, =D1=81=
=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82 =D0=BC=D0=BE=D0=B6=
=D0=BD=D0=BE b=D0=B8 =D0=BD=D1=83=D0=B6=D0=BD=D0=BE =D0=BF=D0=BE=D0=BB=D1=
=83=D1=87=D0=B8=D1=82=D1=8C =D0=B7=D0=B0=D1=80=D0=B0=D0=BD=D0=B5=D0=B5.

=D0=95=D1=81=D0=BB=D0=B8 =D0=BD=D0=BE=D0=B2=D1=8B=D0=B9 =D1=81=D0=B5=D1=80=
=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82 =D0=B2=D1=8B =D0=BF=D0=BE=D0=BB=
=D1=83=D1=87=D0=B0=D0=B5=D1=82=D0=B5 =D0=B2 =D0=BE=D1=82=D0=B2=D0=B5=D1=82 =
=D0=BD=D0=B0=D1=81=D1=82=D0=BE=D1=8F=D1=89=D0=B8=D0=B9 CSR, =D1=82=D0=BE =
=D1=87=D0=B0=D1=81=D1=82=D0=BD=D1=8B=D0=B9 =D0=BA=D0=BB=D1=8E=D1=87 =D1=81=
=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D0=B0 =D0=BD=D0=B5 =
=D0=BC=D0=B5=D0=BD=D1=8F=D0=B5=D1=82=D1=81=D1=8F, =D0=B4=D0=BB=D1=8F =D1=81=
=D0=BC=D0=B5=D0=BD=D1=8B =D0=B4=D0=BE=D1=81=D1=82=D0=B0=D1=82=D0=BE=D1=87=
=D0=BD=D0=BE =D1=83=D1=81=D1=82=D0=B0=D0=BD=D0=BE=D0=B2=D0=B8=D1=82=D1=8C =
=D0=B2=D0=BD=D0=BE=D0=B2=D1=8C =D0=BF=D0=BE=D0=BB=D1=83=D1=87=D0=B5=D0=BD=
=D0=BD=D1=8B=D0=B9 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=
=D1=82 - =D1=8D=D1=82=D0=BE =D0=B4=D0=B5=D0=BB=D0=B0=D0=B5=D1=82=D1=81=D1=
=8F =D0=B2 =D0=BE=D0=B4=D0=BD=D0=BE =D0=B4=D0=B5=D0=B9=D1=81=D1=82=D0=B2=D0=
=B8=D0=B5 =D1=87=D0=B5=D1=80=D0=B5=D0=B7 WebAdmin, =D0=B8 =D0=BF=D0=BE=D1=
=82=D0=BE=D0=BC=D1=83 =D0=BD=D0=B8=D0=BA=D0=B0=D0=BA=D0=B8=D1=85 =D1=85=D0=
=B8=D1=82=D1=80=D0=BE=D1=81=D1=82=D0=B5=D0=B9 =D0=BD=D0=B5 =D1=82=D1=80=D0=
=B5=D0=B1=D1=83=D0=B5=D1=82=D1=81=D1=8F.

=D0=98=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D0=BD=D0=B8=D0=
=B5 =D1=82=D0=B5=D1=81=D1=82=D0=BE=D0=B2=D0=BE=D0=B3=D0=BE =D1=81=D0=B5=D1=
=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D0=B0  - =D0=BA=D1=80=D0=B0=
=D0=B9=D0=BD=D1=8F=D1=8F =D0=BC=D0=B5=D1=80=D0=B0 =D0=B8 =D0=BF=D1=80=D0=B8=
=D0=BC=D0=B5=D0=BD=D1=8F=D1=82=D1=8C=D1=81=D1=8F =D0=B4=D0=BE=D0=BB=D0=B6=
=D0=BD=D0=B0 =D1=82=D0=BE=D0=BB=D1=8C=D0=BA=D0=BE =D0=BF=D1=80=D0=B8 =D0=BE=
=D1=82=D1=81=D1=83=D1=82=D1=81=D1=82=D0=B2=D0=B8=D0=B8 =D0=BD=D0=BE=D1=80=
=D0=BC=D0=B0=D0=BB=D1=8C=D0=BD=D0=BE=D0=B3=D0=BE =D1=81=D0=B5=D1=80=D1=82=
=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D0=B0. =D0=91=D1=80=D0=B0=D1=83=D0=B7=
=D0=B5=D1=80=D1=8B =D0=BD=D0=B5 =D0=B2=D0=B5=D1=80=D1=8F=D1=82 =D1=82=D0=B5=
=D1=81=D1=82=D0=BE=D0=B2=D0=BE=D0=BC=D1=83 =D1=81=D0=B5=D1=80=D1=82=D0=B8=
=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D1=83 =D0=BD=D0=B5 =D0=BF=D1=80=D0=BE=D1=81=
=D1=82=D0=BE =D1=82=D0=B0=D0=BA.

> =D0=9D=D0=B5 =D0=BD=D0=B0=D1=80=D1=83=D1=88=D0=B8=D1=82=D1=81=D1=8F =D0=
=BB=D0=B8 =D1=80=D0=B0=D0=B1=D0=BE=D1=82=D0=BE=D1=81=D0=BF=D0=BE=D1=81=D0=
=BE=D0=B1=D0=BD=D0=BE=D1=81=D1=82=D1=8C =D0=BF=D0=BE=D1=87=D1=82=D1=8B =D0=
=BF=D1=80=D0=B8 =D1=8D=D1=82=D0=BE=D0=BC?

=D0=92=D1=80=D0=B5=D0=BC=D1=8F =D1=80=D0=B0=D0=B1=D0=BE=D1=82=D1=8B =D1=81 =
=D0=BB=D1=8E=D0=B1=D1=8B=D0=BC =D1=83=D1=89=D0=B5=D1=80=D0=B1=D0=BD=D1=8B=
=D0=BC =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D0=BE=
=D0=BC =D0=BD=D0=B0=D0=B4=D0=BE =D1=81=D0=B2=D0=B5=D1=81=D1=82=D0=B8 =D0=BA=
 =D0=BC=D0=B8=D0=BD=D0=B8=D0=BC=D1=83=D0=BC=D1=83.

=D0=95=D1=81=D0=BB=D0=B8 =D0=BF=D1=80=D0=B8 =D0=BE=D0=B1=D0=BD=D0=BE=D0=B2=
=D0=BB=D0=B5=D0=BD=D0=B8=D0=B8 =D0=B2=D1=8B =D0=BF=D0=BE=D0=BB=D1=83=D1=87=
=D0=B0=D0=B5=D1=82=D0=B5 =D1=82=D0=BE=D0=BB=D1=8C=D0=BA=D0=BE =D0=BD=D0=BE=
=D0=B2=D1=8B=D0=B9 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=
=D1=82, =D0=B0 =D0=BA=D0=BB=D1=8E=D1=87 =D0=BD=D0=B5 =D0=BC=D0=B5=D0=BD=D1=
=8F=D0=B5=D1=82=D1=81=D1=8F, =D1=82=D0=BE =D0=B2=D1=81=D1=91 =D0=BF=D1=80=
=D0=BE=D1=81=D1=82=D0=BE: =D1=83=D1=81=D1=82=D0=B0=D0=BD=D0=B0=D0=B2=D0=BB=
=D0=B8=D0=B2=D0=B0=D0=B5=D1=82=D0=B5 =D0=BD=D0=BE=D0=B2=D1=8B=D0=B9 =D1=81=
=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82 =D1=87=D0=B5=D1=80=
=D0=B5=D0=B7 WebAdmin, =D0=B8 =D0=BE=D0=BD =D0=B8=D1=81=D0=BF=D0=BE=D0=BB=
=D1=8C=D0=B7=D1=83=D0=B5=D1=82=D1=81=D1=8F =D1=81=D1=80=D0=B0=D0=B7=D1=83 =
=D0=BF=D0=BE=D1=81=D0=BB=D0=B5 =D1=83=D1=81=D1=82=D0=B0=D0=BD=D0=BE=D0=B2=
=D0=BA=D0=B8.

=D0=9D=D0=BE =D0=B2=D0=BE=D1=82 =D0=B5=D1=81=D0=BB=D0=B8 =D0=B2=D0=B0=D0=BC=
 =D0=BD=D0=B0=D0=B4=D0=BE =D1=83=D1=81=D1=82=D0=B0=D0=BD=D0=BE=D0=B2=D0=B8=
=D1=82=D1=8C =D0=B2=D0=BC=D0=B5=D1=81=D1=82=D0=B5 =D1=81 =D0=BD=D0=BE=D0=B2=
=D1=8B=D0=BC =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=
=D0=BE=D0=BC =D0=B8 =D0=BD=D0=BE=D0=B2=D1=8B=D0=B9 =D0=BA=D0=BB=D1=8E=D1=87=
, =D1=82=D0=BE =D1=82=D1=83=D1=82 =D1=83=D0=B6=D0=B5 =D0=BD=D0=B0=D0=B4=D0=
=BE =D0=BF=D0=BE=D0=B4=D1=81=D1=82=D1=80=D0=B0=D1=85=D0=BE=D0=B2=D0=B0=D1=
=82=D1=8C=D1=81=D1=8F, =D0=BA=D0=B0=D0=BA =D0=B1=D1=8B=D0=BB=D0=BE =D0=BE=
=D0=BF=D0=B8=D1=81=D0=B0=D0=BD=D0=BE =D1=80=D0=B0=D0=BD=D0=B5=D0=B5 - =D0=
=BE=D0=B1=D0=B5=D1=81=D0=BF=D0=B5=D1=87=D0=B8=D1=82=D1=8C =D0=B1=D0=B5=D0=
=B7=D0=BE=D0=BF=D0=B0=D1=81=D0=BD=D1=8B=D0=B9 =D0=B4=D0=BE=D1=81=D1=82=D1=
=83=D0=BF =D0=BA WebAdmin =D0=BD=D0=B0 =D0=B2=D1=80=D0=B5=D0=BC=D1=8F, =D0=
=BF=D0=BE=D0=BA=D0=B0 =D1=83 =D0=B4=D0=BE=D0=BC=D0=B5=D0=BD=D0=B0 =D0=BD=D0=
=B5=D1=82 =D0=BF=D0=BE=D0=BB=D0=BD=D0=BE=D0=B3=D0=BE =D0=BD=D0=B0=D0=B1=D0=
=BE=D1=80=D0=B0 (=D0=BA=D0=BB=D1=8E=D1=87=D0=B0 =D0=B8 =D1=81=D0=B5=D1=80=
=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D0=B0).

> =D0=A1 =D1=83=D0=B2=D0=B0=D0=B6=D0=B5=D0=BD=D0=B8=D0=B5=D0=BC,
> =D0=A1=D0=BF=D0=B8=D1=80=D0=BE=D0=B2=D0=B0 =D0=92=D0=BB=D0=B0=D0=B4=D0=B8=
=D1=81=D0=BB=D0=B0=D0=B2=D0=B0 =D0=A1=D0=B5=D1=80=D0=B3=D0=B5=D0=B5=D0=B2=
=D0=BD=D0=B0
> =D0=A0=D0=BE=D1=81=D1=82=D0=BE=D0=B2=D1=81=D0=BA=D0=B8=D0=B9 =D0=B8=D0=BD=
=D1=84=D0=BE=D1=80=D0=BC=D0=B0=D1=86=D0=B8=D0=BE=D0=BD=D0=BD=D0=BE-=D0=B2=
=D1=8B=D1=87=D0=B8=D1=81=D0=BB=D0=B8=D1=82=D0=B5=D0=BB=D1=8C=D0=BD=D1=8B=D0=
=B9 =D1=86=D0=B5=D0=BD=D1=82=D1=80 =D0=9E=D0=90=D0=9E =D0=A0=D0=96=D0=94
>   Vspirova@skzd.rzd.ru
>          
> 
> 
> 
> -----Original Message-----
> From: CommuniGate Pro Russian Discussions 
> <CGatePro@list.communigate.ru>
> Sent: Tuesday, June 15, 2021 11:35 AM
> To: CommuniGate Pro Russian Discussions <CGatePro@list.communigate.ru>
> Subject: Re: [CGP] Updating TLS keys and certificates securely.
> 
> Hello and welcome to the list.
> 
> On 2021-06-15 10:57 , Fred. Zwarts F.Zwarts@KVI.nl wrote:
>> Last week our TLS certificate expired. In addition for a new 
>> certificate a larger key-pair was needed. When we received the new 
>> certificate we tried to configure the new certificate using the secure p=
ort 9010.
>> However, halfway the procedure, the old certificate disappeared and 
>> the new one was not yet present. So, we had to fall back to the 
>> insecure port 8010 to complete the configuration of the new certificate.
>> We are unhappy with this for two reasons, first because now there has 
>> been a short period in which the mail server was not accessible in a 
>> secure way and, second, because we are a bit worried to have to enter 
>> sensitive information (authentication) with a insecure connection.
>>
>> Probably, we did not follow the right procedure. From the 
>> documentation it is not clear to us how we can keep using a secure 
>> connection when updating key-pairs and certificate. Is it possible to 
>> enter them in advance a specify a time when they will be activated? I 
>> hope someone can enlighten us about the correct procedure.
> 
> Yes, in the cases when both the private key and the certificate need to b=
e changed, a domain in CGPro is left without matching key-certificate pair =
and without SSL/TLS access. We plan to support multiple certificates for a =
domain in future, but right now the built-in Test certificate should meet t=
he purpose of a temporary certificate - just don't forget to switch to Test=
 in PKI settings before changing the key and certificate. Though, there's a=
 catch with the Test certificate:
> browsers do not trust it by default.
> 
> Also, if you have more than one domain on the server with TLS certs insta=
lled (even without an IP dedicated to those domains) then you can use those=
 domains to access the administrative interface of other domains (it may be=
 necessary to provide auth data with full admin account name that includes =
the correct domain).
> 
> You can also use CLI to set both the key and the cert in one request and =
we have a script for that:
> https://www.communigate.ru/pub/stuff/noarch/domcert-pwd.pl
> 
> Finally, regarding the access via the insecure port 8010: that should be =
limited to the local trusted network and the loopback address. You are supp=
osed to have ssh access to the remotely running server anyway and ssh can b=
e used to tunnel access to 127.0.0.1:8010 on the server. This is always nic=
e to have. BTW, the HTTPA sochet on 127.0.0.1 may be marked as having "Exte=
rnal" SSL/TLS support, so connections through it are always considered secu=
re.
> 
> A short digest in Russian:
> 
> =D0=92=D0=BE=D0=BF=D1=80=D0=BE=D1=81 =D0=BE =D1=82=D0=BE=D0=BC, =D0=BA=D0=
=B0=D0=BA =D0=BF=D1=80=D0=B0=D0=B2=D0=B8=D0=BB=D1=8C=D0=BD=D0=BE =D1=81=D0=
=BC=D0=B5=D0=BD=D0=B8=D1=82=D1=8C =D0=B2 =D0=B4=D0=BE=D0=BC=D0=B5=D0=BD=D0=
=B5 =D0=BA=D0=BB=D1=8E=D1=87 =D0=B8 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=
=B8=D0=BA=D0=B0=D1=82 TLS
> =D0=BE=D0=B4=D0=BD=D0=BE=D0=B2=D1=80=D0=B5=D0=BC=D0=B5=D0=BD=D0=BD=D0=BE:=
 =D0=BF=D0=BE=D1=81=D0=BA=D0=BE=D0=BB=D1=8C=D0=BA=D1=83 =D1=8D=D1=82=D0=BE =
=D0=BD=D0=B5=D0=BB=D1=8C=D0=B7=D1=8F =D1=81=D0=B5=D0=B9=D1=87=D0=B0=D1=81 =
=D1=81=D0=B4=D0=B5=D0=BB=D0=B0=D1=82=D1=8C =D1=87=D0=B5=D1=80=D0=B5=D0=B7 W=
ebAdmin =D0=B2 =D0=BE=D0=B4=D0=BD=D0=BE =D0=B4=D0=B5=D0=B9=D1=81=D1=82=D0=
=B2=D0=B8=D0=B5, =D0=B4=D0=BE=D0=BC=D0=B5=D0=BD =D0=BE=D1=81=D1=82=D0=B0=D1=
=91=D1=82=D1=81=D1=8F =D0=B1=D0=B5=D0=B7 =D0=BF=D0=B0=D1=80=D1=8B =D0=BA=D0=
=BB=D1=8E=D1=87-=D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=
=82 =D0=B8 =D0=B5=D1=81=D1=82=D1=8C =D1=80=D0=B8=D1=81=D0=BA =D0=BF=D0=BE=
=D1=82=D0=B5=D1=80=D1=8F=D1=82=D1=8C =D0=B1=D0=B5=D0=B7=D0=BE=D0=BF=D0=B0=
=D1=81=D0=BD=D1=8B=D0=B9 =D0=B4=D0=BE=D1=81=D1=82=D1=83=D0=BF =D0=B2 WebAdm=
in =D0=BF=D0=BE=D1=81=D1=80=D0=B5=D0=B4=D0=B8 =D0=BE=D0=BF=D0=B5=D1=80=D0=
=B0=D1=86=D0=B8=D0=B8.
> =D0=92=D0=BE=D0=B7=D0=BC=D0=BE=D0=B6=D0=BD=D1=8B=D1=85 =D1=80=D0=B5=D1=88=
=D0=B5=D0=BD=D0=B8=D0=B9 =D0=BD=D0=B5=D1=81=D0=BA=D0=BE=D0=BB=D1=8C=D0=BA=
=D0=BE: =D0=B8=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D0=BD=
=D0=B8=D0=B5 =D0=B2=D1=81=D1=82=D1=80=D0=BE=D0=B5=D0=BD=D0=BD=D0=BE=D0=B3=
=D0=BE =D1=82=D0=B5=D1=81=D1=82=D0=BE=D0=B2=D0=BE=D0=B3=D0=BE =D1=81=D0=B5=
=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D0=B0, =D0=B8=D1=81=D0=BF=
=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D0=BD=D0=B8=D0=B5 =D0=B4=D1=80=
=D1=83=D0=B3=D0=B8=D1=85 =D0=B4=D0=BE=D0=BC=D0=B5=D0=BD=D0=BE=D0=B2 =D1=81 =
=D1=83=D1=81=D1=82=D0=B0=D0=BD=D0=BE=D0=B2=D0=BB=D0=B5=D0=BD=D0=BD=D1=8B=D0=
=BC=D0=B8 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D0=
=B0=D0=BC=D0=B8 =D0=B4=D0=BB=D1=8F =D0=B4=D0=BE=D1=81=D1=82=D1=83=D0=BF=D0=
=B0 =D0=B2 WebAdmin, =D0=B8=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=
=D0=B0=D0=BD=D0=B8=D0=B5 CLI =D1=81=D0=BA=D1=80=D0=B8=D0=BF=D1=82=D0=B0 =D0=
=B4=D0=BB=D1=8F =D1=81=D0=BC=D0=B5=D0=BD=D1=8B =D0=BA=D0=BB=D1=8E=D1=87=D0=
=B0 =D0=B8 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D0=
=B0 =D0=B2 =D0=BE=D0=B4=D0=BD=D0=BE =D0=B4=D0=B5=D0=B9=D1=81=D1=82=D0=B2=D0=
=B8=D0=B5, =D0=B8=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D0=
=BD=D0=B8=D0=B5 ssh =D1=82=D1=83=D0=BD=D0=BD=D0=B5=D0=BB=D0=B8=D1=80=D0=BE=
=D0=B2=D0=B0=D0=BD=D0=B8=D1=8F =D0=B4=D0=BE =D0=BD=D0=B5=D1=88=D0=B8=D1=84=
=D1=80=D0=BE=D0=B2=D0=B0=D0=BD=D0=BD=D0=BE=D0=B3=D0=BE =D0=BF=D0=BE=D1=80=
=D1=82=D0=B0 WebAdmin.


--
Best regards,
Dmitry Akindinov

##################################################################
=D0=92=D1=8B =D0=BF=D0=BE=D0=BB=D1=83=D1=87=D0=B8=D0=BB=D0=B8 =D1=8D=D1=82=
=D0=BE =D1=81=D0=BE=D0=BE=D0=B1=D1=89=D0=B5=D0=BD=D0=B8=D0=B5 =D0=BF=D0=BE=
=D1=82=D0=BE=D0=BC=D1=83, =D1=87=D1=82=D0=BE =D0=BF=D0=BE=D0=B4=D0=BF=D0=B8=
=D1=81=D0=B0=D0=BD=D1=8B =D0=BD=D0=B0 =D1=81=D0=BF=D0=B8=D1=81=D0=BE=D0=BA =
=D1=80=D0=B0=D1=81=D1=81=D1=8B=D0=BB=D0=BA=D0=B8
  <CGatePro@list.communigate.ru>.

=D0=A7=D1=82=D0=BE=D0=B1=D1=8B =D0=BE=D1=82=D0=BF=D0=B8=D1=81=D0=B0=D1=82=
=D1=8C=D1=81=D1=8F, =D0=BE=D1=82=D0=BF=D1=80=D0=B0=D0=B2=D1=8C=D1=82=D0=B5 =
=D1=81=D0=BE=D0=BE=D0=B1=D1=89=D0=B5=D0=BD=D0=B8=D0=B5 =D0=BD=D0=B0 =D0=B0=
=D0=B4=D1=80=D0=B5=D1=81 <CGatePro-off@list.communigate.ru>
=D0=A7=D1=82=D0=BE=D0=B1=D1=8B =D0=BF=D0=B5=D1=80=D0=B5=D0=BA=D0=BB=D1=8E=
=D1=87=D0=B8=D1=82=D1=8C=D1=81=D1=8F =D0=B2 =D1=80=D0=B5=D0=B6=D0=B8=D0=BC =
=D0=B4=D0=B0=D0=B9=D0=B4=D0=B6=D0=B5=D1=81=D1=82=D0=B0 - mailto:<CGatePro-d=
igest@list.communigate.ru>
=D0=A7=D1=82=D0=BE=D0=B1=D1=8B =D0=BF=D0=B5=D1=80=D0=B5=D0=BA=D0=BB=D1=8E=
=D1=87=D0=B8=D1=82=D1=8C=D1=81=D1=8F =D0=B2 =D0=B8=D0=BD=D0=B4=D0=B5=D0=BA=
=D1=81=D0=BD=D1=8B=D0=B9 =D1=80=D0=B5=D0=B6=D0=B8=D0=BC - mailto:<CGatePro-=
index@list.communigate.ru>
=D0=94=D0=BB=D1=8F =D0=B0=D0=B4=D0=BC=D0=B8=D0=BD=D0=B8=D1=81=D1=82=D1=80=
=D0=B0=D1=82=D0=B8=D0=B2=D0=BD=D1=8B=D1=85 =D0=B7=D0=B0=D0=BF=D1=80=D0=BE=
=D1=81=D0=BE=D0=B2 =D0=B0=D0=B4=D1=80=D0=B5=D1=81 <CGatePro-request@list.co=
mmunigate.ru>
=D0=90=D1=80=D1=85=D0=B8=D0=B2 =D1=81=D0=BF=D0=B8=D1=81=D0=BA=D0=B0: http:/=
/list.communigate.ru/Lists/CGatePro/List.html