SSL Cert Requirements..

SSL Cert Requirements..

Postby EKjellquist » Thu Jun 07, 2018 2:33 pm

We're using 3.0.0 of AFS, and we were just using the self-signed cert for the last several years. I'm trying to switch over to a LE cert (same as we're using with AMS) and I keep getting 'connection refused' and 'SSL_PROTOCOL_ERROR' errors when trying to log into it via port 7200, on localhost or remote. Firewall is configured correctly. self-signed cert seems to be sha1/RSA2048, LE cert is sha256/RSA4096.

I don't need to log in to the remote via a browser (I can just use the application mode), but that would be nice. My issue is that connections that work ok over the self-signed cert no longer work with the LE cert, and I'm thinking maybe b/c this version of AFS can't handle 4096-bit RSA? AMS seems to be fine with it, thought maybe AFS just hadn't caught up yet?
Posts: 44
Joined: Tue Sep 09, 2014 10:40 pm

Re: SSL Cert Requirements..

Postby Code Crafters » Sun Jun 10, 2018 11:25 pm

Both AMS and AFS can create up to 2048 bit self signed certificates. Ability Mail Server 4.2.5 is a newer version of OpenSSL but otherwise should have the same code for SSL. You can try copying the SSL DLLs from your Ability Mail Server installation folder to your Ability FTP Server installation folder to see if the newer OpenSSL fixes the issue. We will also look into upgrading both to be able to create 4096 bit keys with SHA256 too.
Code Crafters
Posts: 872
Joined: Mon Sep 10, 2007 2:35 pm

Return to General

Who is online

Users browsing this forum: No registered users and 1 guest