X-Junk-Score:   0 []
X-KAS-Score:   0 []
From: "=?utf-8?B?0KHQv9C40YDQvtCy0LAg0JLQu9Cw0LTQuNGB0LvQsNCy0LAg0KHQtdGA0LPQtQ==?= =?utf-8?B?0LXQstC90LA=?= vspirova@skzd.rzd.ru" <CGatePro@list.communigate.ru>
Received: from skzd-cggw-01.skzd.rzd.ru ([62.33.217.3] verified)
  by list.communigate.ru (CommuniGate Pro SMTP 6.3.7b)
  with ESMTP id 59350011 for cgatepro@list.communigate.ru; Tue, 15 Jun 2021 18:22:43 +0300
Received-SPF: pass
 receiver=mail.communigate.ru; client-ip=62.33.217.3; envelope-from=vspirova@skzd.rzd.ru
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=skzd.rzd.ru; s=mail;
	bh=Mf4Z6gLvP3AUFesft5hZVsyHG4JhTibjb2hwfoSMVi0=;
	h=Content-Transfer-Encoding:Content-Type:To:From:Thread-Topic:MIME-Version:
	In-Reply-To:Message-Id:Date:Subject; b=BXNHLy7C70BLBBXLCQ7fulAitEjLhct5FsxYrk
	o3UXx+kIYNo+uQt6kX9hrw17RLjnQL4cFHh1bGzyGY1eeo5Of+Wcay5/QBZ0Bbo/e7ba7x9Frb9ym
	MAmS+Bx8OlP/OBNyjDF9rCJM6UorJiNai646d3UwQViHOC4YB4z0MPX4=
Received: by skzd-cggw-01.skzd.rzd.ru (CommuniGate Pro PIPE 6.2.15)
  with PIPE id 24457552; Tue, 15 Jun 2021 18:22:32 +0300
Received: from [10.244.1.132] (HELO skzd.oao.rzd)
  by skzd-cggw-01.skzd.rzd.ru (CommuniGate Pro SMTP 6.2.15)
  with ESMTP id 24457550 for CGatePro@list.communigate.ru; Tue, 15 Jun 2021 18:22:22 +0300
Received: from [10.51.11.28] (account vspirova@skzd.rzd.ru)
  by skzd.rzd (CommuniGate Pro IMAP 6.2.15)
  with XMIT id 2600079 for CGatePro@list.communigate.ru; Tue, 15 Jun 2021 18:22:22 +0300
Subject: RE: [CGP] Updating TLS keys and certificates securely.
Date: Tue, 15 Jun 2021 18:22:21 +0300
Message-Id: <26b7f7ba8a9b5d4e854663e5af3ee98e@uc.skzd.rzd>
In-Reply-To: <list-59344932@mail.communigate.ru>
MIME-Version: 1.0
Thread-Topic: [CGP] Updating TLS keys and certificates securely.
Priority: Normal
Importance: normal
X-MSMail-Priority: normal
X-Priority: 3
Sensitivity: Normal
Thread-Index: Addh+jyOxJDd4tBHQ06vcDQnNQi8+Q==
To: "CommuniGate Pro Russian Discussions" <CGatePro@list.communigate.ru>
X-Mailer: CommuniGate Pro MAPI Connector 1.52.54.18/1.54.12.34
Content-Type: text/plain;
 charset="utf-8"
Content-Transfer-Encoding: quoted-printable

=D0=94=D0=BC=D0=B8=D1=82=D1=80=D0=B8=D0=B9, =D0=B1=D0=BB=D0=B0=D0=B3=D0=BE=
=D0=B4=D0=B0=D1=80=D1=8E =D0=B7=D0=B0 =D0=B8=D0=BD=D1=84=D0=BE=D1=80=D0=BC=
=D0=B0=D1=86=D0=B8=D1=8E.
=D0=98 =D0=B5=D1=89=D0=B5 =D0=BE=D0=B4=D0=B8=D0=BD =D0=B2=D0=BE=D0=BF=D1=80=
=D0=BE=D1=81 - =D0=BF=D1=80=D0=B8 =D0=B7=D0=B0=D0=BC=D0=B5=D0=BD=D0=B5 =D0=
=BA=D0=BB=D1=8E=D1=87=D0=B0 =D0=B8 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=
=B8=D0=BA=D0=B0=D1=82=D0=B0 =D1=81=D0=BA=D1=80=D0=B8=D0=BF=D1=82=D0=BE=D0=
=BC https://www.communigate.ru/pub/stuff/noarch/domcert-pwd.pl =D0=BF=D0=BE=
=D1=82=D1=80=D0=B5=D0=B1=D1=83=D0=B5=D1=82=D1=81=D1=8F =D0=BF=D0=B5=D1=80=
=D0=B5=D0=B7=D0=B0=D0=BF=D1=83=D1=81=D0=BA CGP, =D0=B8=D0=BB=D0=B8 =D0=BD=
=D0=B0=D1=81=D1=82=D1=80=D0=BE=D0=B9=D0=BA=D0=B8 =D0=B4=D0=BE=D0=BC=D0=B5=
=D0=BD=D0=B0 =D0=BE=D0=B1=D0=BD=D0=BE=D0=B2=D1=8F=D1=82=D1=81=D1=8F =D0=B1=
=D0=B5=D0=B7 =D0=BF=D0=B5=D1=80=D0=B5=D0=B7=D0=B0=D0=BF=D1=83=D1=81=D0=BA=
=D0=B0 =D1=81=D0=B5=D1=80=D0=B2=D0=B8=D1=81=D0=B0?


-----Original Message-----
From: CommuniGate Pro Russian Discussions <CGatePro@list.communigate.ru> 
Sent: Tuesday, June 15, 2021 6:14 PM
To: CommuniGate Pro Russian Discussions <CGatePro@list.communigate.ru>
Subject: Re: [CGP] Updating TLS keys and certificates securely.

=D0=97=D0=B4=D1=80=D0=B0=D0=B2=D1=81=D1=82=D0=B2=D1=83=D0=B9=D1=82=D0=B5.

On 2021-06-15 17:52 , =D0=A1=D0=BF=D0=B8=D1=80=D0=BE=D0=B2=D0=B0 =D0=92=D0=
=BB=D0=B0=D0=B4=D0=B8=D1=81=D0=BB=D0=B0=D0=B2=D0=B0 =D0=A1=D0=B5=D1=80=D0=
=B3=D0=B5=D0=B5=D0=B2=D0=BD=D0=B0 vspirova@skzd.rzd.ru
wrote:
> =D0=9A=D1=80=D0=BE=D0=BC=D0=B5 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=
=D0=BA=D0=B0=D1=82=D0=B0 =D0=BD=D0=B0=D0=BC =D1=82=D1=80=D0=B5=D0=B1=D1=83=
=D0=B5=D1=82=D1=81=D1=8F =D1=83=D1=81=D1=82=D0=B0=D0=BD=D0=BE=D0=B2=D0=B8=
=D1=82=D1=8C =D0=BD=D0=BE=D0=B2=D1=8B=D0=B9 =D0=BA=D0=BB=D1=8E=D1=87. =D0=
=A0=D0=B0=D0=BD=D0=B5=D0=B5 =D1=80=D0=B0=D0=B7=D0=BC=D0=B5=D1=80 =D0=BA=D0=
=BB=D1=8E=D1=87=D0=B0 =D0=B1=D1=8B=D0=BB 2048, =D0=B4=D0=BE=D0=BB=D0=B6=D0=
=B5=D0=BD =D0=B1=D1=8B=D1=82=D1=8C 4096.
> =D0=9A=D0=B0=D0=BA =D0=BF=D0=BE=D0=B4=D0=BA=D0=BB=D1=8E=D1=87=D0=B8=D1=82=
=D1=8C=D1=81=D1=8F =D1=87=D0=B5=D1=80=D0=B5=D0=B7 WebAdmin =D0=BF=D1=80=D0=
=B8 =D1=81=D0=BC=D0=B5=D0=BD=D0=B5 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=
=B8=D0=BA=D0=B0=D1=82=D0=B0 - =D1=8F =D0=BF=D0=BE=D0=BD=D0=B8=D0=BC=D0=B0=
=D1=8E.
> =D0=A7=D1=82=D0=BE =D0=B1=D1=83=D0=B4=D0=B5=D1=82 =D1=81 =D0=BF=D0=BE=D0=
=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D1=82=D0=B5=D0=BB=D1=8F=D0=BC=D0=B8, =D0=
=BF=D0=BE=D0=B4=D0=BA=D0=BB=D1=8E=D1=87=D0=B5=D0=BD=D0=B8=D0=B5 =D0=BA=D0=
=BE=D1=82=D0=BE=D1=80=D1=8B=D1=85 =D0=BD=D0=B0=D1=81=D1=82=D1=80=D0=BE=D0=
=B5=D0=BD=D0=BE =D1=87=D0=B5=D1=80=D0=B5=D0=B7 SSL?  =D0=9E=D0=BD=D0=B8 =D1=
=81=D0=BC=D0=BE=D0=B3=D1=83=D1=82 =D0=BF=D0=BE=D0=B4=D0=BA=D0=BB=D1=8E=D1=
=87=D0=B0=D1=82=D1=8C=D1=81=D1=8F =D0=BA =D1=81=D0=B5=D1=80=D0=B2=D0=B5=D1=
=80=D1=83, =D0=BF=D0=BE=D0=BA=D0=B0 =D0=BC=D1=8B =D0=B1=D1=83=D0=B4=D0=B5=
=D0=BC =D0=BF=D1=80=D0=BE=D0=B2=D0=BE=D0=B4=D0=B8=D1=82=D1=8C =D1=80=D0=B0=
=D0=B1=D0=BE=D1=82=D1=8B?

SSL/TLS =D1=81=D0=BE=D0=B5=D0=B4=D0=B8=D0=BD=D0=B5=D0=BD=D0=B8=D1=8F =D1=81=
 =D0=B4=D0=BE=D0=BC=D0=B5=D0=BD=D0=BE=D0=BC, =D0=B3=D0=B4=D0=B5 =D0=B2=D1=
=8B =D0=BC=D0=B5=D0=BD=D1=8F=D0=B5=D1=82=D0=B5 =D0=BA=D0=BB=D1=8E=D1=87 =D0=
=B8 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82, =D0=BD=D0=
=B5 =D0=BC=D0=BE=D0=B3=D1=83=D1=82 =D0=B1=D1=8B=D1=82=D1=8C =D1=83=D1=81=D1=
=82=D0=B0=D0=BD=D0=BE=D0=B2=D0=BB=D0=B5=D0=BD=D1=8B, =D0=B0=3D=D0=BF=D0=BE=
=D0=BA=D0=B0 =D0=B2 =D0=B4=D0=BE=D0=BC=D0=B5=D0=BD=D0=B5 =D0=BD=D0=B5=D1=82=
 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D0=B0 =D0=B8 =
=D1=81=D0=BE=D0=BE=D1=82=D0=B2=D0=B5=D1=82=D1=81=D1=82=D0=B2=D1=83=D1=8E=D1=
=89=D0=B5=D0=B3=D0=BE =D0=B5=D0=BC=D1=83 =D0=BA=D0=BB=D1=8E=D1=87=D0=B0.

=D0=9D=D0=BE =D1=81=D0=BC=D0=B5=D0=BD=D0=B0 =D0=BC=D0=BE=D0=B6=D0=B5=D1=82 =
=D0=B1=D1=8B=D1=82=D1=8C =D0=BF=D1=80=D0=BE=D0=B8=D0=B7=D0=B2=D0=B5=D0=B4=
=D0=B5=D0=BD=D0=B0 =D0=B7=D0=B0 =D0=BD=D0=B5=D1=81=D0=BA=D0=BE=D0=BB=D1=8C=
=D0=BA=D0=BE =D1=81=D0=B5=D0=BA=D1=83=D0=BD=D0=B4. =D0=9F=D0=BE=D0=BA=D0=B0=
 =D0=BA=D0=BB=D1=8E=D1=87 =D0=B8 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=
=D0=BA=D0=B0=D1=82 =D0=BC=D0=B5=D0=BD=D1=8F=D1=8E=D1=82=D1=81=D1=8F, =D0=BD=
=D0=B5=D0=B2=D0=BE=D0=B7=D0=BC=D0=BE=D0=B6=D0=BD=D0=BE =D0=B1=D1=83=D0=B4=
=D0=B5=D1=82 =D0=BE=D1=82=D0=BA=D1=80=D1=8B=D1=82=D1=8C =D0=BD=D0=BE=D0=B2=
=D1=8B=D0=B5 =D1=88=D0=B8=D1=84=D1=80=D0=BE=D0=B2=D0=B0=D0=BD=D0=BD=D1=8B=
=D0=B5 =D1=81=D0=BE=D0=B5=D0=B4=D0=B8=D0=BD=D0=B5=D0=BD=D0=B8=D1=8F, =D1=83=
=D0=B6=D0=B5 =D0=BE=D1=82=D0=BA=D1=80=D1=8B=D1=82=D1=8B=D0=B5 =D1=81=D0=BE=
=D0=B5=D0=B4=D0=B8=D0=BD=D0=B5=D0=BD=D0=B8=D1=8F =D0=BD=D0=B5 =D0=BF=D0=BE=
=D1=81=D1=82=D1=80=D0=B0=D0=B4=D0=B0=D1=8E=D1=82.

> -----Original Message-----
> From: CommuniGate Pro Russian Discussions 
> <CGatePro@list.communigate.ru>
> Sent: Tuesday, June 15, 2021 5:42 PM
> To: CommuniGate Pro Russian Discussions <CGatePro@list.communigate.ru>
> Subject: Re: [CGP] Updating TLS keys and certificates securely.
> 
> =D0=97=D0=B4=D1=80=D0=B0=D0=B2=D1=81=D1=82=D0=B2=D1=83=D0=B9=D1=82=D0=B5.
> 
> On 2021-06-15 17:12 , =D0=A1=D0=BF=D0=B8=D1=80=D0=BE=D0=B2=D0=B0 =D0=92=
=D0=BB=D0=B0=D0=B4=D0=B8=D1=81=D0=BB=D0=B0=D0=B2=D0=B0 =D0=A1=D0=B5=D1=80=
=D0=B3=D0=B5=D0=B5=D0=B2=D0=BD=D0=B0 
> vspirova@skzd.rzd.ru
> wrote:
>> =D0=97=D0=B4=D1=80=D0=B0=D0=B2=D1=81=D1=82=D0=B2=D1=83=D0=B9=D1=82=D0=B5=
.
>> CGP 6.2.15.  =D0=9A=D0=BB=D0=B0=D1=81=D1=82=D0=B5=D1=80. 5000 =D0=BF=D0=
=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D1=82=D0=B5=D0=BB=D0=B5=D0=B9.
>> =D0=A1=D0=BA=D0=BE=D1=80=D0=BE =D0=B7=D0=B0=D0=BA=D0=B0=D0=BD=D1=87=D0=
=B8=D0=B2=D0=B0=D1=8E=D1=82=D1=81=D1=8F =D0=BA=D0=BB=D1=8E=D1=87=D0=B8.
>> =D0=9F=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D1=82=D0=B5=D0=BB=D0=B8=
 =D1=80=D0=B0=D0=B1=D0=BE=D1=82=D0=B0=D1=8E=D1=82 =D0=BF=D0=BE SSL =D1=87=
=D0=B5=D1=80=D0=B5=D0=B7 =D0=BC=D0=B0=D0=BF=D0=B8-=D0=BA=D0=BE=D0=BD=D0=BD=
=D0=B5=D0=BA=D1=82=D0=BE=D1=80 =D0=B2 MS Outlook.
>> =D0=9F=D0=BE=D0=B4=D1=81=D0=BA=D0=B0=D0=B6=D0=B8=D1=82=D0=B5, =D0=BF=D0=
=BE=D0=B6=D0=B0=D0=BB=D1=83=D0=B9=D1=81=D1=82=D0=B0, =D0=BA=D0=B0=D0=BA =D0=
=B7=D0=B0=D0=BC=D0=B5=D0=BD=D0=B8=D1=82=D1=8C =D1=81=D0=B5=D1=80=D1=82=D0=
=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D1=8B =D1=81 =D0=BC=D0=B8=D0=BD=D0=B8=D0=
=BC=D0=B0=D0=BB=D1=8C=D0=BD=D1=8B=D0=BC =D0=BF=D1=80=D0=BE=D1=81=D1=82=D0=
=BE=D0=B5=D0=BC =D0=B4=D0=BB=D1=8F =D0=BD=D0=B8=D1=85? =D0=9F=D1=80=D0=B0=
=D0=B2=D0=B8=D0=BB=D1=8C=D0=BD=D0=BE =D0=BB=D0=B8 =D1=8F =D0=BF=D0=BE=D0=BD=
=D0=B8=D0=BC=D0=B0=D1=8E?
>> 1. =D0=9F=D0=B5=D1=80=D0=B5=D0=B2=D0=B5=D1=81=D1=82=D0=B8 PKI Services =
=D0=B2 =D1=82=D0=B5=D1=81=D1=82=D0=BE=D0=B2=D1=8B=D0=B9 =D1=80=D0=B5=D0=B6=
=D0=B8=D0=BC.
>> 2. =D0=91=D1=8B=D1=81=D1=82=D1=80=D0=B5=D0=BD=D1=8C=D0=BA=D0=BE =D1=83=
=D0=B4=D0=B0=D0=BB=D0=B8=D1=82=D1=8C =D1=81=D1=82=D0=B0=D1=80=D1=8B=D0=B9 =
=D0=BA=D0=BB=D1=8E=D1=87 =D0=B8 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=
=D0=BA=D0=B0=D1=82 3.=D0=A1=D0=BE=D0=B7=D0=B4=D0=B0=D1=82=D1=8C =D0=B7=D0=
=B0=D0=BF=D1=80=D0=BE=D1=81 =D0=BD=D0=B0 
>> =D0=B2=D1=8B=D0=BF=D1=83=D1=81=D0=BA =D0=BD=D0=BE=D0=B2=D0=BE=D0=B3=D0=
=BE =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D0=B0, =D0=
=B2=D1=8B=D0=BF=D1=83=D1=81=D1=82=D0=B8=D1=82=D1=8C =D0=B5=D0=B3=D0=BE.
>> 4. =D0=A3=D1=81=D1=82=D0=B0=D0=BD=D0=BE=D0=B2=D0=B8=D1=82=D1=8C =D0=BD=
=D0=BE=D0=B2=D1=8B=D0=B9 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=
=D0=B0=D1=82
>> 5. =D0=9F=D0=B5=D1=80=D0=B5=D0=B2=D0=B5=D1=81=D1=82=D0=B8 PKI Services =
=D0=B2 =D1=80=D0=B5=D0=B6=D0=B8=D0=BC Enable?
> 
> =D0=97=D0=B0=D0=BF=D1=80=D0=BE=D1=81 =D0=BD=D0=B0 =D0=BD=D0=BE=D0=B2=D1=
=8B=D0=B9 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82 (CSR=
) =D0=BC=D0=BE=D0=B6=D0=BD=D0=BE =D1=81=D0=B3=D0=B5=D0=BD=D0=B5=D1=80=D0=B8=
=D1=82=D1=8C =D0=BF=D1=80=D0=B8 =D1=83=D1=81=D1=82=D0=B0=D0=BD=D0=BE=D0=B2=
=D0=BB=D0=B5=D0=BD=D0=BD=D0=BE=D0=BC =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=
=D0=B8=D0=BA=D0=B0=D1=82=D0=B5 (=D0=B5=D1=81=D0=BB=D0=B8 =D0=BD=D0=B5 =D0=
=BC=D0=B5=D0=BD=D1=8F=D0=BB=D0=B8=D1=81=D1=8C =D0=BF=D0=B0=D1=80=D0=B0=D0=
=BC=D0=B5=D1=82=D1=80=D1=8B). =D0=92=D0=BE=D0=BE=D0=B1=D1=89=D0=B5, =D1=81=
=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82 =D0=BC=D0=BE=D0=B6=
=D0=BD=D0=BE b=D0=B8 =D0=BD=D1=83=D0=B6=D0=BD=D0=BE =D0=BF=D0=BE=D0=BB=D1=
=83=D1=87=D0=B8=D1=82=D1=8C =D0=B7=D0=B0=D1=80=D0=B0=D0=BD=D0=B5=D0=B5.
> 
> =D0=95=D1=81=D0=BB=D0=B8 =D0=BD=D0=BE=D0=B2=D1=8B=D0=B9 =D1=81=D0=B5=D1=
=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82 =D0=B2=D1=8B =D0=BF=D0=BE=D0=
=BB=D1=83=D1=87=D0=B0=D0=B5=D1=82=D0=B5 =D0=B2 =D0=BE=D1=82=D0=B2=D0=B5=D1=
=82 =D0=BD=D0=B0=D1=81=D1=82=D0=BE=D1=8F=D1=89=D0=B8=D0=B9 CSR, =D1=82=D0=
=BE =D1=87=D0=B0=D1=81=D1=82=D0=BD=D1=8B=D0=B9 =D0=BA=D0=BB=D1=8E=D1=87 =D1=
=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D0=B0 =D0=BD=D0=
=B5 =D0=BC=D0=B5=D0=BD=D1=8F=D0=B5=D1=82=D1=81=D1=8F, =D0=B4=D0=BB=D1=8F =
=D1=81=D0=BC=D0=B5=D0=BD=D1=8B =D0=B4=D0=BE=D1=81=D1=82=D0=B0=D1=82=D0=BE=
=D1=87=D0=BD=D0=BE =D1=83=D1=81=D1=82=D0=B0=D0=BD=D0=BE=D0=B2=D0=B8=D1=82=
=D1=8C =D0=B2=D0=BD=D0=BE=D0=B2=D1=8C =D0=BF=D0=BE=D0=BB=D1=83=D1=87=D0=B5=
=D0=BD=D0=BD=D1=8B=D0=B9 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=
=D0=B0=D1=82 - =D1=8D=D1=82=D0=BE =D0=B4=D0=B5=D0=BB=D0=B0=D0=B5=D1=82=D1=
=81=D1=8F =D0=B2 =D0=BE=D0=B4=D0=BD=D0=BE =D0=B4=D0=B5=D0=B9=D1=81=D1=82=D0=
=B2=D0=B8=D0=B5 =D1=87=D0=B5=D1=80=D0=B5=D0=B7 WebAdmin, =D0=B8 =D0=BF=D0=
=BE=D1=82=D0=BE=D0=BC=D1=83 =D0=BD=D0=B8=D0=BA=D0=B0=D0=BA=D0=B8=D1=85 =D1=
=85=D0=B8=D1=82=D1=80=D0=BE=D1=81=D1=82=D0=B5=D0=B9 =D0=BD=D0=B5 =D1=82=D1=
=80=D0=B5=D0=B1=D1=83=D0=B5=D1=82=D1=81=D1=8F.
> 
> =D0=98=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D0=BD=D0=B8=
=D0=B5 =D1=82=D0=B5=D1=81=D1=82=D0=BE=D0=B2=D0=BE=D0=B3=D0=BE =D1=81=D0=B5=
=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D0=B0  - =D0=BA=D1=80=D0=
=B0=D0=B9=D0=BD=D1=8F=D1=8F =D0=BC=D0=B5=D1=80=D0=B0 =D0=B8 =D0=BF=D1=80=D0=
=B8=D0=BC=D0=B5=D0=BD=D1=8F=D1=82=D1=8C=D1=81=D1=8F =D0=B4=D0=BE=D0=BB=D0=
=B6=D0=BD=D0=B0 =D1=82=D0=BE=D0=BB=D1=8C=D0=BA=D0=BE =D0=BF=D1=80=D0=B8 =D0=
=BE=D1=82=D1=81=D1=83=D1=82=D1=81=D1=82=D0=B2=D0=B8=D0=B8 =D0=BD=D0=BE=D1=
=80=D0=BC=D0=B0=D0=BB=D1=8C=D0=BD=D0=BE=D0=B3=D0=BE =D1=81=D0=B5=D1=80=D1=
=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D0=B0. =D0=91=D1=80=D0=B0=D1=83=D0=
=B7=D0=B5=D1=80=D1=8B =D0=BD=D0=B5 =D0=B2=D0=B5=D1=80=D1=8F=D1=82 =D1=82=D0=
=B5=D1=81=D1=82=D0=BE=D0=B2=D0=BE=D0=BC=D1=83 =D1=81=D0=B5=D1=80=D1=82=D0=
=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D1=83 =D0=BD=D0=B5 =D0=BF=D1=80=D0=BE=D1=
=81=D1=82=D0=BE =D1=82=D0=B0=D0=BA.
> 
>> =D0=9D=D0=B5 =D0=BD=D0=B0=D1=80=D1=83=D1=88=D0=B8=D1=82=D1=81=D1=8F =D0=
=BB=D0=B8 =D1=80=D0=B0=D0=B1=D0=BE=D1=82=D0=BE=D1=81=D0=BF=D0=BE=D1=81=D0=
=BE=D0=B1=D0=BD=D0=BE=D1=81=D1=82=D1=8C =D0=BF=D0=BE=D1=87=D1=82=D1=8B =D0=
=BF=D1=80=D0=B8 =D1=8D=D1=82=D0=BE=D0=BC?
> 
> =D0=92=D1=80=D0=B5=D0=BC=D1=8F =D1=80=D0=B0=D0=B1=D0=BE=D1=82=D1=8B =D1=
=81 =D0=BB=D1=8E=D0=B1=D1=8B=D0=BC =D1=83=D1=89=D0=B5=D1=80=D0=B1=D0=BD=D1=
=8B=D0=BC =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D0=
=BE=D0=BC =D0=BD=D0=B0=D0=B4=D0=BE =D1=81=D0=B2=D0=B5=D1=81=D1=82=D0=B8 =D0=
=BA =D0=BC=D0=B8=D0=BD=D0=B8=D0=BC=D1=83=D0=BC=D1=83.
> 
> =D0=95=D1=81=D0=BB=D0=B8 =D0=BF=D1=80=D0=B8 =D0=BE=D0=B1=D0=BD=D0=BE=D0=
=B2=D0=BB=D0=B5=D0=BD=D0=B8=D0=B8 =D0=B2=D1=8B =D0=BF=D0=BE=D0=BB=D1=83=D1=
=87=D0=B0=D0=B5=D1=82=D0=B5 =D1=82=D0=BE=D0=BB=D1=8C=D0=BA=D0=BE =D0=BD=D0=
=BE=D0=B2=D1=8B=D0=B9 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=
=B0=D1=82, =D0=B0 =D0=BA=D0=BB=D1=8E=D1=87 =D0=BD=D0=B5 =D0=BC=D0=B5=D0=BD=
=D1=8F=D0=B5=D1=82=D1=81=D1=8F, =D1=82=D0=BE =D0=B2=D1=81=D1=91 =D0=BF=D1=
=80=D0=BE=D1=81=D1=82=D0=BE: =D1=83=D1=81=D1=82=D0=B0=D0=BD=D0=B0=D0=B2=D0=
=BB=D0=B8=D0=B2=D0=B0=D0=B5=D1=82=D0=B5 =D0=BD=D0=BE=D0=B2=D1=8B=D0=B9 =D1=
=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82 =D1=87=D0=B5=D1=
=80=D0=B5=D0=B7 WebAdmin, =D0=B8 =D0=BE=D0=BD =D0=B8=D1=81=D0=BF=D0=BE=D0=
=BB=D1=8C=D0=B7=D1=83=D0=B5=D1=82=D1=81=D1=8F =D1=81=D1=80=D0=B0=D0=B7=D1=
=83 =D0=BF=D0=BE=D1=81=D0=BB=D0=B5 =D1=83=D1=81=D1=82=D0=B0=D0=BD=D0=BE=D0=
=B2=D0=BA=D0=B8.
> 
> =D0=9D=D0=BE =D0=B2=D0=BE=D1=82 =D0=B5=D1=81=D0=BB=D0=B8 =D0=B2=D0=B0=D0=
=BC =D0=BD=D0=B0=D0=B4=D0=BE =D1=83=D1=81=D1=82=D0=B0=D0=BD=D0=BE=D0=B2=D0=
=B8=D1=82=D1=8C =D0=B2=D0=BC=D0=B5=D1=81=D1=82=D0=B5 =D1=81 =D0=BD=D0=BE=D0=
=B2=D1=8B=D0=BC =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=
=82=D0=BE=D0=BC =D0=B8 =D0=BD=D0=BE=D0=B2=D1=8B=D0=B9 =D0=BA=D0=BB=D1=8E=D1=
=87, =D1=82=D0=BE =D1=82=D1=83=D1=82 =D1=83=D0=B6=D0=B5 =D0=BD=D0=B0=D0=B4=
=D0=BE =D0=BF=D0=BE=D0=B4=D1=81=D1=82=D1=80=D0=B0=D1=85=D0=BE=D0=B2=D0=B0=
=D1=82=D1=8C=D1=81=D1=8F, =D0=BA=D0=B0=D0=BA =D0=B1=D1=8B=D0=BB=D0=BE =D0=
=BE=D0=BF=D0=B8=D1=81=D0=B0=D0=BD=D0=BE =D1=80=D0=B0=D0=BD=D0=B5=D0=B5 - =
=D0=BE=D0=B1=D0=B5=D1=81=D0=BF=D0=B5=D1=87=D0=B8=D1=82=D1=8C =D0=B1=D0=B5=
=D0=B7=D0=BE=D0=BF=D0=B0=D1=81=D0=BD=D1=8B=D0=B9 =D0=B4=D0=BE=D1=81=D1=82=
=D1=83=D0=BF =D0=BA WebAdmin =D0=BD=D0=B0 =D0=B2=D1=80=D0=B5=D0=BC=D1=8F, =
=D0=BF=D0=BE=D0=BA=D0=B0 =D1=83 =D0=B4=D0=BE=D0=BC=D0=B5=D0=BD=D0=B0 =D0=BD=
=D0=B5=D1=82 =D0=BF=D0=BE=D0=BB=D0=BD=D0=BE=D0=B3=D0=BE =D0=BD=D0=B0=D0=B1=
=D0=BE=D1=80=D0=B0 (=D0=BA=D0=BB=D1=8E=D1=87=D0=B0 =D0=B8 =D1=81=D0=B5=D1=
=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D0=B0).
> 
>> =D0=A1 =D1=83=D0=B2=D0=B0=D0=B6=D0=B5=D0=BD=D0=B8=D0=B5=D0=BC,
>> =D0=A1=D0=BF=D0=B8=D1=80=D0=BE=D0=B2=D0=B0 =D0=92=D0=BB=D0=B0=D0=B4=D0=
=B8=D1=81=D0=BB=D0=B0=D0=B2=D0=B0 =D0=A1=D0=B5=D1=80=D0=B3=D0=B5=D0=B5=D0=
=B2=D0=BD=D0=B0
>> =D0=A0=D0=BE=D1=81=D1=82=D0=BE=D0=B2=D1=81=D0=BA=D0=B8=D0=B9 =D0=B8=D0=
=BD=D1=84=D0=BE=D1=80=D0=BC=D0=B0=D1=86=D0=B8=D0=BE=D0=BD=D0=BD=D0=BE-=D0=
=B2=D1=8B=D1=87=D0=B8=D1=81=D0=BB=D0=B8=D1=82=D0=B5=D0=BB=D1=8C=D0=BD=D1=8B=
=D0=B9 =D1=86=D0=B5=D0=BD=D1=82=D1=80 =D0=9E=D0=90=D0=9E =D0=A0=D0=96=D0=94
>>    Vspirova@skzd.rzd.ru
>>           
>>
>>
>>
>> -----Original Message-----
>> From: CommuniGate Pro Russian Discussions 
>> <CGatePro@list.communigate.ru>
>> Sent: Tuesday, June 15, 2021 11:35 AM
>> To: CommuniGate Pro Russian Discussions 
>> <CGatePro@list.communigate.ru>
>> Subject: Re: [CGP] Updating TLS keys and certificates securely.
>>
>> Hello and welcome to the list.
>>
>> On 2021-06-15 10:57 , Fred. Zwarts F.Zwarts@KVI.nl wrote:
>>> Last week our TLS certificate expired. In addition for a new 
>>> certificate a larger key-pair was needed. When we received the new 
>>> certificate we tried to configure the new certificate using the secure =
port 9010.
>>> However, halfway the procedure, the old certificate disappeared and 
>>> the new one was not yet present. So, we had to fall back to the 
>>> insecure port 8010 to complete the configuration of the new certificate=
.
>>> We are unhappy with this for two reasons, first because now there 
>>> has been a short period in which the mail server was not accessible 
>>> in a secure way and, second, because we are a bit worried to have to 
>>> enter sensitive information (authentication) with a insecure connection=
.
>>>
>>> Probably, we did not follow the right procedure. From the 
>>> documentation it is not clear to us how we can keep using a secure 
>>> connection when updating key-pairs and certificate. Is it possible 
>>> to enter them in advance a specify a time when they will be 
>>> activated? I hope someone can enlighten us about the correct procedure.
>>
>> Yes, in the cases when both the private key and the certificate need to =
be changed, a domain in CGPro is left without matching key-certificate pair=
 and without SSL/TLS access. We plan to support multiple certificates for a=
 domain in future, but right now the built-in Test certificate should meet =
the purpose of a temporary certificate - just don't forget to switch to Tes=
t in PKI settings before changing the key and certificate. Though, there's =
a catch with the Test certificate:
>> browsers do not trust it by default.
>>
>> Also, if you have more than one domain on the server with TLS certs inst=
alled (even without an IP dedicated to those domains) then you can use thos=
e domains to access the administrative interface of other domains (it may b=
e necessary to provide auth data with full admin account name that includes=
 the correct domain).
>>
>> You can also use CLI to set both the key and the cert in one request and=
 we have a script for that:
>> https://www.communigate.ru/pub/stuff/noarch/domcert-pwd.pl
>>
>> Finally, regarding the access via the insecure port 8010: that should be=
 limited to the local trusted network and the loopback address. You are sup=
posed to have ssh access to the remotely running server anyway and ssh can =
be used to tunnel access to 127.0.0.1:8010 on the server. This is always ni=
ce to have. BTW, the HTTPA sochet on 127.0.0.1 may be marked as having "Ext=
ernal" SSL/TLS support, so connections through it are always considered sec=
ure.
>>
>> A short digest in Russian:
>>
>> =D0=92=D0=BE=D0=BF=D1=80=D0=BE=D1=81 =D0=BE =D1=82=D0=BE=D0=BC, =D0=BA=
=D0=B0=D0=BA =D0=BF=D1=80=D0=B0=D0=B2=D0=B8=D0=BB=D1=8C=D0=BD=D0=BE =D1=81=
=D0=BC=D0=B5=D0=BD=D0=B8=D1=82=D1=8C =D0=B2 =D0=B4=D0=BE=D0=BC=D0=B5=D0=BD=
=D0=B5 =D0=BA=D0=BB=D1=8E=D1=87 =D0=B8 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=
=D0=B8=D0=BA=D0=B0=D1=82 TLS
>> =D0=BE=D0=B4=D0=BD=D0=BE=D0=B2=D1=80=D0=B5=D0=BC=D0=B5=D0=BD=D0=BD=D0=BE=
: =D0=BF=D0=BE=D1=81=D0=BA=D0=BE=D0=BB=D1=8C=D0=BA=D1=83 =D1=8D=D1=82=D0=BE=
 =D0=BD=D0=B5=D0=BB=D1=8C=D0=B7=D1=8F =D1=81=D0=B5=D0=B9=D1=87=D0=B0=D1=81 =
=D1=81=D0=B4=D0=B5=D0=BB=D0=B0=D1=82=D1=8C =D1=87=D0=B5=D1=80=D0=B5=D0=B7 W=
ebAdmin =D0=B2 =D0=BE=D0=B4=D0=BD=D0=BE =D0=B4=D0=B5=D0=B9=D1=81=D1=82=D0=
=B2=D0=B8=D0=B5, =D0=B4=D0=BE=D0=BC=D0=B5=D0=BD =D0=BE=D1=81=D1=82=D0=B0=D1=
=91=D1=82=D1=81=D1=8F =D0=B1=D0=B5=D0=B7 =D0=BF=D0=B0=D1=80=D1=8B =D0=BA=D0=
=BB=D1=8E=D1=87-=D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=
=82 =D0=B8 =D0=B5=D1=81=D1=82=D1=8C =D1=80=D0=B8=D1=81=D0=BA =D0=BF=D0=BE=
=D1=82=D0=B5=D1=80=D1=8F=D1=82=D1=8C =D0=B1=D0=B5=D0=B7=D0=BE=D0=BF=D0=B0=
=D1=81=D0=BD=D1=8B=D0=B9 =D0=B4=D0=BE=D1=81=D1=82=D1=83=D0=BF =D0=B2 WebAdm=
in =D0=BF=D0=BE=D1=81=D1=80=D0=B5=D0=B4=D0=B8 =D0=BE=D0=BF=D0=B5=D1=80=D0=
=B0=D1=86=D0=B8=D0=B8.
>> =D0=92=D0=BE=D0=B7=D0=BC=D0=BE=D0=B6=D0=BD=D1=8B=D1=85 =D1=80=D0=B5=D1=
=88=D0=B5=D0=BD=D0=B8=D0=B9 =D0=BD=D0=B5=D1=81=D0=BA=D0=BE=D0=BB=D1=8C=D0=
=BA=D0=BE: =D0=B8=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D0=
=BD=D0=B8=D0=B5 =D0=B2=D1=81=D1=82=D1=80=D0=BE=D0=B5=D0=BD=D0=BD=D0=BE=D0=
=B3=D0=BE =D1=82=D0=B5=D1=81=D1=82=D0=BE=D0=B2=D0=BE=D0=B3=D0=BE =D1=81=D0=
=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=82=D0=B0, =D0=B8=D1=81=D0=
=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D0=BD=D0=B8=D0=B5 =D0=B4=D1=
=80=D1=83=D0=B3=D0=B8=D1=85 =D0=B4=D0=BE=D0=BC=D0=B5=D0=BD=D0=BE=D0=B2 =D1=
=81 =D1=83=D1=81=D1=82=D0=B0=D0=BD=D0=BE=D0=B2=D0=BB=D0=B5=D0=BD=D0=BD=D1=
=8B=D0=BC=D0=B8 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=
=82=D0=B0=D0=BC=D0=B8 =D0=B4=D0=BB=D1=8F =D0=B4=D0=BE=D1=81=D1=82=D1=83=D0=
=BF=D0=B0 =D0=B2 WebAdmin, =D0=B8=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=
=D0=B2=D0=B0=D0=BD=D0=B8=D0=B5 CLI =D1=81=D0=BA=D1=80=D0=B8=D0=BF=D1=82=D0=
=B0 =D0=B4=D0=BB=D1=8F =D1=81=D0=BC=D0=B5=D0=BD=D1=8B =D0=BA=D0=BB=D1=8E=D1=
=87=D0=B0 =D0=B8 =D1=81=D0=B5=D1=80=D1=82=D0=B8=D1=84=D0=B8=D0=BA=D0=B0=D1=
=82=D0=B0 =D0=B2 =D0=BE=D0=B4=D0=BD=D0=BE =D0=B4=D0=B5=D0=B9=D1=81=D1=82=D0=
=B2=D0=B8=D0=B5, =D0=B8=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=
=B0=D0=BD=D0=B8=D0=B5 ssh =D1=82=D1=83=D0=BD=D0=BD=D0=B5=D0=BB=D0=B8=D1=80=
=D0=BE=D0=B2=D0=B0=D0=BD=D0=B8=D1=8F =D0=B4=D0=BE =D0=BD=D0=B5=D1=88=D0=B8=
=D1=84=D1=80=D0=BE=D0=B2=D0=B0=D0=BD=D0=BD=D0=BE=D0=B3=D0=BE =D0=BF=D0=BE=
=D1=80=D1=82=D0=B0 WebAdmin.


--
Best regards,
Dmitry Akindinov

##################################################################
=D0=92=D1=8B =D0=BF=D0=BE=D0=BB=D1=83=D1=87=D0=B8=D0=BB=D0=B8 =D1=8D=D1=82=
=D0=BE =D1=81=D0=BE=D0=BE=D0=B1=D1=89=D0=B5=D0=BD=D0=B8=D0=B5 =D0=BF=D0=BE=
=D1=82=D0=BE=D0=BC=D1=83, =D1=87=D1=82=D0=BE =D0=BF=D0=BE=D0=B4=D0=BF=D0=B8=
=D1=81=D0=B0=D0=BD=D1=8B =D0=BD=D0=B0 =D1=81=D0=BF=D0=B8=D1=81=D0=BE=D0=BA =
=D1=80=D0=B0=D1=81=D1=81=D1=8B=D0=BB=D0=BA=D0=B8
  <CGatePro@list.communigate.ru>.

=D0=A7=D1=82=D0=BE=D0=B1=D1=8B =D0=BE=D1=82=D0=BF=D0=B8=D1=81=D0=B0=D1=82=
=D1=8C=D1=81=D1=8F, =D0=BE=D1=82=D0=BF=D1=80=D0=B0=D0=B2=D1=8C=D1=82=D0=B5 =
=D1=81=D0=BE=D0=BE=D0=B1=D1=89=D0=B5=D0=BD=D0=B8=D0=B5 =D0=BD=D0=B0 =D0=B0=
=D0=B4=D1=80=D0=B5=D1=81 <CGatePro-off@list.communigate.ru>
=D0=A7=D1=82=D0=BE=D0=B1=D1=8B =D0=BF=D0=B5=D1=80=D0=B5=D0=BA=D0=BB=D1=8E=
=D1=87=D0=B8=D1=82=D1=8C=D1=81=D1=8F =D0=B2 =D1=80=D0=B5=D0=B6=D0=B8=D0=BC =
=D0=B4=D0=B0=D0=B9=D0=B4=D0=B6=D0=B5=D1=81=D1=82=D0=B0 - mailto:<CGatePro-d=
igest@list.communigate.ru>
=D0=A7=D1=82=D0=BE=D0=B1=D1=8B =D0=BF=D0=B5=D1=80=D0=B5=D0=BA=D0=BB=D1=8E=
=D1=87=D0=B8=D1=82=D1=8C=D1=81=D1=8F =D0=B2 =D0=B8=D0=BD=D0=B4=D0=B5=D0=BA=
=D1=81=D0=BD=D1=8B=D0=B9 =D1=80=D0=B5=D0=B6=D0=B8=D0=BC - mailto:<CGatePro-=
index@list.communigate.ru>
=D0=94=D0=BB=D1=8F =D0=B0=D0=B4=D0=BC=D0=B8=D0=BD=D0=B8=D1=81=D1=82=D1=80=
=D0=B0=D1=82=D0=B8=D0=B2=D0=BD=D1=8B=D1=85 =D0=B7=D0=B0=D0=BF=D1=80=D0=BE=
=D1=81=D0=BE=D0=B2 =D0=B0=D0=B4=D1=80=D0=B5=D1=81 <CGatePro-request@list.co=
mmunigate.ru>
=D0=90=D1=80=D1=85=D0=B8=D0=B2 =D1=81=D0=BF=D0=B8=D1=81=D0=BA=D0=B0: http:/=
/list.communigate.ru/Lists/CGatePro/List.html