Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
At moment to remove SSL certificate you need to manually remove folder containing certificate from /var/aegir/config/ssl.d/ and /var/aegir/config/server_master/ssl.d/ if exists. In addition to this steps you need to delete the entry for the certificate you are deleting in the hosting_ssl_cert MySQL table.
So it would be grate if there was an interface to do this steps. It would be more grate if there was an interface to do add certificates.
Comments
Comment #1
anarcat CreditAttribution: anarcat commentedRelated issues: #1603722: deleting a site doesn't delete its SSL certificate, #537020: create SSL certificate content type.
Comment #2
helmo CreditAttribution: helmo commentedtitle typo
Comment #3
Steven Jones CreditAttribution: Steven Jones commentedUpdating to the frontend.
Comment #4
anarcat CreditAttribution: anarcat commentedI will look at this for #1126640: move the SSL IP allocation to the frontend to allow users to quickly get a grasp of how things are going after the upgrade.
Comment #5
anarcat CreditAttribution: anarcat commentedI have made a read-only browser for the server nodes in the IP cleanup branch. Hang in there, some of this will be part of 2.x...
I am not sure we'll make this delete certifcates in the backend just yet, as SSL certificates are not their own entity yet, which means they have no task associated with them. Maybe this part will have to wait for the D7 port and therefore 3.x.
Code is in commit b52f623 on the dev-ssl-ip-allocation-refactor branch.
Comment #6
anarcat CreditAttribution: anarcat commentedThe new code now cleans up ~/config/server_master/ssl.d files, but not ~/config/ssl.d - which I am not sure we want to destroy because they may contain valuable data from the admin.
Comment #7
blueprint CreditAttribution: blueprint commentedOk, as far as I can see, having begun testing with 2 rc4, we're at:
1. a new method for naming the folder origin of the certificates (which is helpful)
2. a means for choosing (as in the old case, but not based on hostname)
3. the old 'list of ips' although not as a text field but as independant entries
What's still missing is the wildcards, correct?
I'm looking at the code, but it's changed substantially and I need to port a number of other changes while I'm at it (for clients) ... but I'll try to take a crack at refactoring the ips in the front end ...
Thanks for the great work,
Mark
Comment #8
ergonlogicNew features need to be implemented in Aegir 3.x, then we can consider back-porting to Aegir 2.x.