Subject: Re: [eCS-ISP] Let's encrypt
Date: Mon, 12 Aug 2024 21:18:56 +0200
To: eCS ISP Mailing List <>

Il 12/08/2024 07:54, Dan Napier, MS, CIH, CAC ha scritto:

Some steps are not so easy to see
Step by step
"create a certificate with the chain certificate inside of the .cert, so
you have always the latest chain certificate from Let's Encrypt automatically."

OK I have no idea what to do here.  You say create a certificate.   COMO VA?

uacme -v new
will not allow connection to the WEB

It installed a key in mptn\etc\ssl\uacme\  but that was all

     I appreciate your help, but there is alot left out.   apache needs some modules loaded, I think I may be missing some of those.  I got rewrite and ssl, but did you load the ssl page from extra too?


LoadModule ssl_module modules/ssl.dll

<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin

SSLPassPhraseDialog  builtin
SSLSessionCacheTimeout  300
SSLSessionCache        shmcb:X:/temp/ssl_scache(512000)
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSV1.1
SSLHonorCipherOrder on



SSLUseStapling on
SSLStaplingErrorCacheTimeout 600
SSLStaplingCache shmcb:X:/temp/ssl_cache(512000)

SSLCompression Off

these will make your ssl hosting to get an overall rating of A+

it has been very hard to get A+ rating from this website ;-)

instead about session cache resumption:

Session resumption (caching) No (IDs assigned but not accepted)

i still don't know how to improve this parameter


