LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Reply
 
Search this Thread
Old 10-15-2003, 11:32 AM   #1
hakcenter
Member
 
Registered: Apr 2003
Location: Not to far from the computer screen
Distribution: RedHat 9.0
Posts: 324

Rep: Reputation: 30
Exclamation Webmin SSL Cert


I have webmin working with its own cert.

I'm just getting annoyed with its self signed cert, and want to create another certificate signed by my CA Root.

Everytime I use openssl to create the cert and sign it via the root... webmin won't accept it.


Does anyone know the proper switches to create the webmin cert?
 
Old 10-20-2003, 04:41 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,791
Blog Entries: 54

Rep: Reputation: 2980Reputation: 2980Reputation: 2980Reputation: 2980Reputation: 2980Reputation: 2980Reputation: 2980Reputation: 2980Reputation: 2980Reputation: 2980Reputation: 2980
Could you show us how you made it?
 
Old 10-21-2003, 11:15 AM   #3
hakcenter
Member
 
Registered: Apr 2003
Location: Not to far from the computer screen
Distribution: RedHat 9.0
Posts: 324

Original Poster
Rep: Reputation: 30
openssl req -config openssl.cnf -new -out my-server.csr
openssl rsa -in privkey.pem -out my-server.key

then have the CA Root (unfortunatly is a 2k DC) sign the csr

And then webmin complains that its not pem format...
 
Old 10-22-2003, 04:15 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,791
Blog Entries: 54

Rep: Reputation: 2980Reputation: 2980Reputation: 2980Reputation: 2980Reputation: 2980Reputation: 2980Reputation: 2980Reputation: 2980Reputation: 2980Reputation: 2980Reputation: 2980
then have the CA Root (unfortunatly is a 2k DC) sign the csr
Can you verify the returned cert is a PEM format cert or something else, like PKCS?
If it is PKCS, then you could try this:
openssl pkcs7 -text -inform PEM -in <DCsignedkey> -print_certs > my-server.crt
cat my-server.key > my-server.pem; cat my-server.crt >>my-server.pem
then strip the PEM leaving the 1st private key and the last certificate.
 
Old 10-22-2003, 05:21 PM   #5
hakcenter
Member
 
Registered: Apr 2003
Location: Not to far from the computer screen
Distribution: RedHat 9.0
Posts: 324

Original Poster
Rep: Reputation: 30
The key only comes in DER or base64 format from the CA Root

Anyhow your commands have helped, I got it working, and its being a whore now saying that the name 'doesn't' match..

Even though it actually does, damn webmin, lol.

Last edited by hakcenter; 10-22-2003 at 05:39 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
vsftp SSL cert errors dharm Linux - Security 3 05-22-2006 09:25 PM
installing ssl cert kwickcut Mandriva 4 09-25-2005 02:27 PM
ssl cert on fedora / webmin where to put them? help Hcard Linux - Security 1 05-26-2005 06:50 AM
SSL sign cert error Giallo998 Linux - Networking 1 04-25-2005 10:06 AM
Qmail ssl cert eltonmou Linux - Software 0 08-18-2004 07:48 AM


All times are GMT -5. The time now is 02:23 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration