LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 10-15-2003, 10:32 AM   #1
hakcenter
Member
 
Registered: Apr 2003
Location: Not to far from the computer screen
Distribution: RedHat 9.0
Posts: 324

Rep: Reputation: 30
Exclamation Webmin SSL Cert


I have webmin working with its own cert.

I'm just getting annoyed with its self signed cert, and want to create another certificate signed by my CA Root.

Everytime I use openssl to create the cert and sign it via the root... webmin won't accept it.


Does anyone know the proper switches to create the webmin cert?
 
Old 10-20-2003, 03:41 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,367
Blog Entries: 54

Rep: Reputation: 2866Reputation: 2866Reputation: 2866Reputation: 2866Reputation: 2866Reputation: 2866Reputation: 2866Reputation: 2866Reputation: 2866Reputation: 2866Reputation: 2866
Could you show us how you made it?
 
Old 10-21-2003, 10:15 AM   #3
hakcenter
Member
 
Registered: Apr 2003
Location: Not to far from the computer screen
Distribution: RedHat 9.0
Posts: 324

Original Poster
Rep: Reputation: 30
openssl req -config openssl.cnf -new -out my-server.csr
openssl rsa -in privkey.pem -out my-server.key

then have the CA Root (unfortunatly is a 2k DC) sign the csr

And then webmin complains that its not pem format...
 
Old 10-22-2003, 03:15 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,367
Blog Entries: 54

Rep: Reputation: 2866Reputation: 2866Reputation: 2866Reputation: 2866Reputation: 2866Reputation: 2866Reputation: 2866Reputation: 2866Reputation: 2866Reputation: 2866Reputation: 2866
then have the CA Root (unfortunatly is a 2k DC) sign the csr
Can you verify the returned cert is a PEM format cert or something else, like PKCS?
If it is PKCS, then you could try this:
openssl pkcs7 -text -inform PEM -in <DCsignedkey> -print_certs > my-server.crt
cat my-server.key > my-server.pem; cat my-server.crt >>my-server.pem
then strip the PEM leaving the 1st private key and the last certificate.
 
Old 10-22-2003, 04:21 PM   #5
hakcenter
Member
 
Registered: Apr 2003
Location: Not to far from the computer screen
Distribution: RedHat 9.0
Posts: 324

Original Poster
Rep: Reputation: 30
The key only comes in DER or base64 format from the CA Root

Anyhow your commands have helped, I got it working, and its being a whore now saying that the name 'doesn't' match..

Even though it actually does, damn webmin, lol.

Last edited by hakcenter; 10-22-2003 at 04:39 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
vsftp SSL cert errors dharm Linux - Security 3 05-22-2006 08:25 PM
installing ssl cert kwickcut Mandriva 4 09-25-2005 01:27 PM
ssl cert on fedora / webmin where to put them? help Hcard Linux - Security 1 05-26-2005 05:50 AM
SSL sign cert error Giallo998 Linux - Networking 1 04-25-2005 09:06 AM
Qmail ssl cert eltonmou Linux - Software 0 08-18-2004 06:48 AM


All times are GMT -5. The time now is 08:57 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration