Results 1 to 5 of 5
  1. #1
    Untanglit
    Join Date
    Oct 2016
    Location
    Left Coast
    Posts
    15

    Question New cert from Lets Encrypt- to SBS

    I am one of those poor idiots who believed M$FT when they said Small Business Server was a supported product. Anyhow, I have IIS 7.5 on my machine, and after two days of struggling with scripts, I finally have a process that will update all my websites (and root domain). Now I would like to export that cert so I can have my Untangle server use that as my current cert for Untangle. How do I go about exporting it and what format do I use?
    TIA,
    Tom

  2. #2
    Master Untangler
    Join Date
    May 2008
    Posts
    945

    Default

    There are a few post about letencrypt if you search. The best thing to do is vote for this and other things here.
    https://untanglengfirewall.featureup...0/lets-encrypt

  3. #3
    Untanglit
    Join Date
    Oct 2016
    Location
    Left Coast
    Posts
    15

    Default

    I have voted up that feature, but I found very little real help here about how to export my cert from my IIS server in a format that untangle will recognize. I did find some clues on the Let's Encrypt forum about running LE on Untangle and I may try that route, if I can get the renewals to automate.

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    23,455

    Default

    That's because you can't, Microsoft made that process basically impossible.

    It's not actually impossible... but it's not trivial either, and it cannot be automated. You have to use certmgr to export the .pfx, and then convert the .pfx to a .pem. But here's the rub, MS won't include the private key unless you encrypt the .pfx, and that's a bit of a curveball for most of the tools in play. So good luck!

    And because you cannot automate this, you cant' use let's encrypt unless you plan to do this every two weeks by hand.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #5
    Master Untangler
    Join Date
    May 2008
    Posts
    945

    Default

    If you can get a wildcard cert you might try that. I did that at one time but didn't see any real advantage.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2