How to regenerate SSL Certificates used in Diladele Web Safety

UPDATE: The http://docs.diladele.com/tutorials/regenerate_ssl_certificates.html shows all steps required to regenerate SSL certificates in latest version of Diladele Web Safety.

Please be sure to change the default certificates that come with installation package of Diladele Web Safety to something more unique for your network. Do NOT use password when generating certificates, otherwise Squid will not be able to use them! The following commands are for Ubuntu or Debian, adjust for your OS of choice accordingly.

$ openssl req -new -newkey rsa:1024 -days 1365 -nodes -x509 -keyout myca.pem  -out myca.pem
$ openssl x509 -in myca.pem -outform DER -out myca.der
$ sudo cp myca.pem /etc/opt/quintolabs/qlproxy/
$ sudo cp myca.der /etc/opt/quintolabs/qlproxy/

Greetings,
Diladele Support Team

Here is the link why you would need to do that 🙂
http://nakedsecurity.sophos.com/2013/12/09/serious-security-google-finds-fake-but-trusted-ssl-certificates-for-its-domains-made-in-france/

About sichent

sichent
This entry was posted in Diladele, HTTPS, Linux, qlproxy and tagged . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s