Fixing -0001 Suffix certs

Thanks.

To be clear, if I cannot find a ref to the cert I intend to delete in the webserver config then I'm good to go? No other applications like email servers will be using that certificate?

How do I check or find out what might be using one of those certificates?

Thanks

2 Likes

Hard for me to know what's going on inside your server.
Does that server have other services that are (or can be) TLS secured?

1 Like

Thanks.

Like what sort of services? If you can suggest what I should look for, I'll check.

Chris

2 Likes

Maybe you can run

sudo ss -tlp

and see if any programs on the server are running publicly-accessible services (local address other than 127.0 IPv4 network or [::1] IPv6 network).

The most common TLS services other than HTTPS are e-mail-related protocols (if your server is an e-mail server).

3 Likes

This is what I'm thinking. It might be postfix that's using one of those other certificates.

I'll try this and let you know what emerges!

TY

Chris

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.