<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
</head>
<body>
<p>Bonjour</p>
<p>Voici la procédure que je vous propose:</p>
<p>Il faut déplacer les clé existante:<br>
</p>
<p>mkdir /root/oldkey<br>
mv /opt/wapt/waptserver/ssl/key.pem /root/oldkey/<br>
mv /opt/wapt/waptserver/ssl/cert.pem /root/oldkey/</p>
<p>Relancer le postconf:</p>
<p>/opt/wapt/waptserver/scripts/postconf.sh</p>
<p>Sauvegarder la nouvelle clé:</p>
<p>mkdir /root/new<br>
mv /opt/wapt/waptserver/ssl/key.pem /root/new/<br>
mv /opt/wapt/waptserver/ssl/cert.pem /root/new/</p>
<p>Replacer l'ancien certificat<br>
</p>
<p>mv /root/oldkey/key.pem /opt/wapt/waptserver/ssl/<br>
mv /root/oldkey/cert.pem /opt/wapt/waptserver/ssl/</p>
<p>systemctl restart nginx<br>
</p>
<p>Maintenant vous pouvez récupérer la clé publique:</p>
<p>cat /root/new/cert.pem /opt/wapt/waptserver/ssl/cert.pem >
/root/srvwapt.mydomain.lan.crt</p>
<p>Récupérer le fichier /root/srvwapt.mydomain.lan.crt et
placer/remplacer celui dans C:\Program Files
(x86)\wapt\ssl\server\srvwapt.mydomain.lan.crt</p>
<p>Vous pouvez maintenant générer nouvel agent (qui va donc contenir
le nouveau fichier srvwapt.mydomain.lan.crt</p>
<p>La suite des opération est a faire<b> uniquement</b> si le
nouveau fichier C:\Program Files
(x86)\wapt\ssl\server\srvwapt.mydomain.lan.crt et bien <b>sur
tous les agents.</b></p>
<p>Suite des opérations:</p>
<p>mv /opt/wapt/waptserver/ssl/key.pem /root/oldkey/<br>
mv /opt/wapt/waptserver/ssl/cert.pem /root/oldkey/</p>
<p>mv /root/new/key.pem /opt/wapt/waptserver/ssl/<br>
mv /root/new/cert.pem /opt/wapt/waptserver/ssl/</p>
<p>systemctl restart nginx</p>
<p>Le but de la manœuvre est que l'agent wapt accepte, l'ancien et
le nouveau certificat !<br>
</p>
<p>Simon<br>
</p>
<p><br>
</p>
<p><br>
</p>
<p><br>
</p>
<p><br>
</p>
<div class="moz-cite-prefix">Le 01/04/2020 à 12:31, Patrick
BERTHELOT a écrit :<br>
</div>
<blockquote type="cite"
cite="mid:001101d60810$a6db30d0$f4919270$@ipht.fr">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.EmailStyle18
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle20
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 70.85pt 70.85pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal">Bonjour,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Personne n’a la commande « magique » pour
la mise à jour du certificat ?<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal"><span style="mso-fareast-language:FR">Cordialement
<br>
Patrick</span><span style="mso-fareast-language:FR"><o:p></o:p></span></p>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span
style="mso-fareast-language:FR">De :</span></b><span
style="mso-fareast-language:FR"> WAPT
<a class="moz-txt-link-rfc2396E" href="mailto:wapt-bounces@lists.tranquil.it"><wapt-bounces@lists.tranquil.it></a> <b>De la part de</b>
Patrick BERTHELOT<br>
<b>Envoyé :</b> mardi 31 mars 2020 17:49<br>
<b>À :</b> <a class="moz-txt-link-abbreviated" href="mailto:wapt@lists.tranquil.it">wapt@lists.tranquil.it</a><br>
<b>Objet :</b> [Wapt] certificat sans subjetAltName<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Bonjour,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Je me permets de revenir sur le problème de
certificat sans « subjetAltName », une procédure « simple »
as-t-elle été trouvé, je n’ai rien trouvé sur la doc ?<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Voici mon erreur :<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">C:\Windows\system32>wapt-get register
winadmin<o:p></o:p></p>
<p class="MsoNormal">Using config file: C:\Program Files
(x86)\wapt\wapt-get.ini<o:p></o:p></p>
<p class="MsoNormal">Registering host against server: https://
wapt.xxxx.xxx.fr<o:p></o:p></p>
<p class="MsoNormal">C:\Program Files
(x86)\wapt\lib\site-packages\urllib3\connection.py:362:
SubjectAltNameWarning: Certificate for wapt. wapt.xxxx.xxx.fr
has no `subjectAltName`, falling back to check for a
`commonName` for now. This feature is being removed by major
browsers and deprecated by RFC 2818. (See <a
href="https://github.com/shazow/urllib3/issues/497"
moz-do-not-send="true">https://github.com/shazow/urllib3/issues/497</a>
for details.)<o:p></o:p></p>
<p class="MsoNormal"> SubjectAltNameWarning<o:p></o:p></p>
<p class="MsoNormal">Error when registering host against server
<a href="https://wapt.xxxx.xxx.fr" moz-do-not-send="true">https://wapt.xxxx.xxx.fr</a>:
Error on server:<o:p></o:p></p>
<p class="MsoNormal">OSError(13, 'Permission denied')<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span style="mso-fareast-language:FR">Cordialement
<br>
Patrick<o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
WAPT mailing list
<a class="moz-txt-link-abbreviated" href="mailto:WAPT@lists.tranquil.it">WAPT@lists.tranquil.it</a>
<a class="moz-txt-link-freetext" href="http://lists.tranquil.it/listinfo/wapt">http://lists.tranquil.it/listinfo/wapt</a>
</pre>
</blockquote>
</body>
</html>