Overview
This article reviews one of the system-related configurations which is 'Services' and 'SSL Certificate'
The instructions in the article serve as a pre-requisite for enforcing an SSL certificate into security settings. For instructions on the latter, see the following article: Enforcing SSL and Encrypted Communication in Kerio Connect.
Requirements
- If you are logged into MyKerio, click on this system in the list of appliances to access the administration.
- If you are not using MyKerio, you can reach the web administration from a web browser, using a secure HTTP connection over port 4040.
Resolution
- Log in using the credentials you set up during the installation.
-
Once you are logged into the administration, click on the Configuration item in the left navigation pane.
Note: By default, all services are enabled and use standard ports for each protocol. On some systems, you may find that some services are not started.
This means that another service in the system is already using that port. If this is the case, you may edit the service and choose a different port number.
-
Generate a certificate signing request in the SSL Certificates by clicking New, then New Certificate Request.
- Specify the hostname (mail.example.com) and enter the details of your organization.
- Click OK to close this screen.
- Right-click on the certificate and choose show details.
-
Click View Source > Copy this text and send it to the certification authority, signing your request.
-
After your certificate is signed, right-click the pending request to install the signed SSL certificate. The certificate must be base64 encoded in PEM format.
- Use a text editor to append the intermediate and root certificates to your signed certificate, prior to the import.
Note: Most certificate authorities require additional intermediate certificates.
Validation
The certificate is now ready to be enforced in the security settings and you should see the following certificate indicating it is ready: -