Письмо #20434 Списка Рассылки CGatePro@list.communigate.ru
От Кого: Fred. Zwarts F.Zwarts@KVI.nl <CGatePro@list.communigate.ru>
Кому: CommuniGate Pro Russische discussies <CGatePro@list.communigate.ru>
Тема: Updating TLS keys and certificates securely.
Дата: Tue, 15 Jun 2021 09:57:32 +0200
Last week our TLS certificate expired. In addition for a new certificate a larger key-pair was needed. When we received the new certificate we tried to configure the new certificate using the secure port 9010.  However, halfway the procedure, the old certificate disappeared and the new one was not yet present. So, we had to fall back to the insecure port 8010 to complete the configuration of the new certificate.
We are unhappy with this for two reasons, first because now there has been a short period in which the mail server was not accessible in a secure way and, second, because we are a bit worried to have to enter sensitive information (authentication) with a insecure connection.

Probably, we did not follow the right procedure. From the documentation it is not clear to us how we can keep using a secure connection when updating key-pairs and certificate. Is it possible to enter them in advance a specify a time when they will be activated? I hope someone can enlighten us about the correct procedure.

Подписаться (Прямо) Подписаться (Дайджест) Подписаться (Оглавление) Отписаться Написать Listmaster-у