LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Mandriva
User Name
Password
Mandriva This Forum is for the discussion of Mandriva (Mandrake) Linux.

Notices

Reply
 
Search this Thread
Old 09-24-2005, 09:15 PM   #1
kwickcut
Member
 
Registered: Nov 2004
Posts: 123

Rep: Reputation: 20
installing ssl cert


i am trying to install a ssl cert onto my server these are the instructions i have gotten

Code:
Enter the following commands:

   1. cd /usr/bin/ (/your path to openssl/)
      Enter a passphrase when prompted to.
   2. openssl genrsa -des3 -out <name of your certificate>.key 1024
   3. openssl req -new -key <name of your certificate>.key -out <name of your certificate>.csr
now i have no trouble until i get to des3 once there i asks for a password so i enter one then it asks again to check then it just sits there and dose nothing what is wrong?? what should i try as i have gone and completed the rest of what it says but still same nothing at all. so it does not work any ideas


kwick
 
Old 09-25-2005, 06:57 AM   #2
Snowbat
Member
 
Registered: Jun 2005
Location: q3dm7
Distribution: Mandriva 2010.0 x86_64
Posts: 338

Rep: Reputation: 30
Did you change <name of your certificate>.key into a usable filename like test.key?
If you're running this as a user, you can call openssl from your home directory. After confirming the password, you should get a command prompt and the key file is created in your current directory. You can check the contents with cat.

[snowbat@asus ~]$ /usr/bin/openssl genrsa -des3 -out test.key 1024
Generating RSA private key, 1024 bit long modulus
.....................++++++
............................................................++++++
e is 65537 (0x10001)
Enter pass phrase for test.key:
Verifying - Enter pass phrase for test.key:
[snowbat@asus ~]$ cat test.key
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,4D925BF778A7B7B2

+X+A4sgy5Fks7OFRqYes5ATpecKyalIjEcFEPHVCVkJ/ZU88ph0VEfYdtuI0bLsr
(snip several lines)
YrCV2wrsA16UFObXZRJRqA45NxQLq7eFOBcnAzGKLByDxPmAleAc3g==
-----END RSA PRIVATE KEY-----
[snowbat@asus ~]$
 
Old 09-25-2005, 09:51 AM   #3
kwickcut
Member
 
Registered: Nov 2004
Posts: 123

Original Poster
Rep: Reputation: 20
thanks so much for the info it worked great...

the only thing i had to do is change
Code:
cat test.key to cat test.csr
if not it gave the rsa and that would not work when entered into the feild it needed to be csr.


thanks for your help i have it working now



kwick

Last edited by kwickcut; 09-25-2005 at 09:52 AM.
 
Old 09-25-2005, 11:09 AM   #4
kwickcut
Member
 
Registered: Nov 2004
Posts: 123

Original Poster
Rep: Reputation: 20
ok great so far i have gotten the cert to take in the apt but now i need to install it onto the server. this is what they say to do

Quote:
About the Intermediate Certificate
Before you install your issued SSL certificate you must install our intermediate certificate on your Web server. An intermediate certificate is a subordinate certificate issued by the trusted root specifically to issue end-entity server certificates. The result is a trust-chain that begins at the trusted root CA, through the intermediate and finally ending with the SSL certificate issued to you. Such certificates are called chained root certificates. The usage of an intermediate certificate thus provides an added level of security as the Certification Authority (CA) does not need to issue certificates directly from the CA root certificate.

You received our intermediate certificate along with your issued certificate. To install the certificate, first download and unzip the attachment. You may also download intermediate certificate from our repository.

Installing Your Web Server Certificate and the Intermediate Certificate

1. Copy your issued certificate, intermediate certificate and key file (generated when you created the Ceriificate Signing Request (CSR)) into the directory that you will be using to hold your certificates.
2. Open the Apache ssl.conf file and add the following directives:
* SSLCertificateFile /path to certificate file/your issued certificate
* SSLCertificateKeyFile /path to key file/your key file
* SSLCertificateChainFile /path to intermediate certificate/sf_issuing.crt
3. Save your ssl.conf file and restart Apache.
this i do not understand
Quote:
you must install our intermediate certificate on your Web server. An intermediate certificate is a subordinate certificate issued by the trusted root specifically to issue end-entity server certificates. The result is a trust-chain that begins at the trusted root CA, through the intermediate and finally ending with the SSL certificate issued to you. Such certificates are called chained root certificates. The usage of an intermediate certificate thus provides an added level of security as the Certification Authority (CA) does not need to issue certificates directly from the CA root certificate.

You received our intermediate certificate along with your issued certificate. To install the certificate, first download and unzip the attachment. You may also download intermediate certificate from our repository.
well i dont understand any of it really i need stupid directions thanks for any help at all



kwick
 
Old 09-25-2005, 01:27 PM   #5
Snowbat
Member
 
Registered: Jun 2005
Location: q3dm7
Distribution: Mandriva 2010.0 x86_64
Posts: 338

Rep: Reputation: 30
I've only ever used self-signed certificates so I'm not familiar with intermediate certificates. It sounds like they want you to to move the attached intermediate certificate and the keyfile you used for the request to an appropriate place in Apache.

Anything here of help?
http://slacksite.com/apache/certificate.html
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SSL Cert Generation Problem paintcheck200 Linux - Networking 2 07-06-2009 03:12 PM
vsftp SSL cert errors dharm Linux - Security 3 05-22-2006 08:25 PM
SSL sign cert error Giallo998 Linux - Networking 1 04-25-2005 09:06 AM
Qmail ssl cert eltonmou Linux - Software 0 08-18-2004 06:48 AM
Webmin SSL Cert hakcenter Linux - Security 4 10-22-2003 04:21 PM


All times are GMT -5. The time now is 06:53 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration