LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Mandriva (https://www.linuxquestions.org/questions/mandriva-30/)
-   -   installing ssl cert (https://www.linuxquestions.org/questions/mandriva-30/installing-ssl-cert-366755/)

kwickcut 09-24-2005 09:15 PM
installing ssl cert
 
i am trying to install a ssl cert onto my server these are the instructions i have gotten

Code:
Enter the following commands:

  1. cd /usr/bin/ (/your path to openssl/)
      Enter a passphrase when prompted to.
  2. openssl genrsa -des3 -out <name of your certificate>.key 1024
  3. openssl req -new -key <name of your certificate>.key -out <name of your certificate>.csr
now i have no trouble until i get to des3 once there i asks for a password so i enter one then it asks again to check then it just sits there and dose nothing what is wrong?? what should i try as i have gone and completed the rest of what it says but still same nothing at all. so it does not work any ideas


kwick

Snowbat 09-25-2005 06:57 AM
Did you change <name of your certificate>.key into a usable filename like test.key?
If you're running this as a user, you can call openssl from your home directory. After confirming the password, you should get a command prompt and the key file is created in your current directory. You can check the contents with cat.

[snowbat@asus ~]$ /usr/bin/openssl genrsa -des3 -out test.key 1024
Generating RSA private key, 1024 bit long modulus
.....................++++++
............................................................++++++
e is 65537 (0x10001)
Enter pass phrase for test.key:
Verifying - Enter pass phrase for test.key:
[snowbat@asus ~]$ cat test.key
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,4D925BF778A7B7B2

+X+A4sgy5Fks7OFRqYes5ATpecKyalIjEcFEPHVCVkJ/ZU88ph0VEfYdtuI0bLsr
(snip several lines)
YrCV2wrsA16UFObXZRJRqA45NxQLq7eFOBcnAzGKLByDxPmAleAc3g==
-----END RSA PRIVATE KEY-----
[snowbat@asus ~]$

kwickcut 09-25-2005 09:51 AM
thanks so much for the info it worked great...

the only thing i had to do is change
Code:
cat test.key to cat test.csr
if not it gave the rsa and that would not work when entered into the feild it needed to be csr.


thanks for your help i have it working now



kwick

kwickcut 09-25-2005 11:09 AM
ok great so far i have gotten the cert to take in the apt but now i need to install it onto the server. this is what they say to do

Quote:
About the Intermediate Certificate
Before you install your issued SSL certificate you must install our intermediate certificate on your Web server. An intermediate certificate is a subordinate certificate issued by the trusted root specifically to issue end-entity server certificates. The result is a trust-chain that begins at the trusted root CA, through the intermediate and finally ending with the SSL certificate issued to you. Such certificates are called chained root certificates. The usage of an intermediate certificate thus provides an added level of security as the Certification Authority (CA) does not need to issue certificates directly from the CA root certificate.

You received our intermediate certificate along with your issued certificate. To install the certificate, first download and unzip the attachment. You may also download intermediate certificate from our repository.

Installing Your Web Server Certificate and the Intermediate Certificate

1. Copy your issued certificate, intermediate certificate and key file (generated when you created the Ceriificate Signing Request (CSR)) into the directory that you will be using to hold your certificates.
2. Open the Apache ssl.conf file and add the following directives:
* SSLCertificateFile /path to certificate file/your issued certificate
* SSLCertificateKeyFile /path to key file/your key file
* SSLCertificateChainFile /path to intermediate certificate/sf_issuing.crt
3. Save your ssl.conf file and restart Apache.
this i do not understand
Quote:
you must install our intermediate certificate on your Web server. An intermediate certificate is a subordinate certificate issued by the trusted root specifically to issue end-entity server certificates. The result is a trust-chain that begins at the trusted root CA, through the intermediate and finally ending with the SSL certificate issued to you. Such certificates are called chained root certificates. The usage of an intermediate certificate thus provides an added level of security as the Certification Authority (CA) does not need to issue certificates directly from the CA root certificate.

You received our intermediate certificate along with your issued certificate. To install the certificate, first download and unzip the attachment. You may also download intermediate certificate from our repository.
well i dont understand any of it really i need stupid directions thanks for any help at all



kwick

Snowbat 09-25-2005 01:27 PM
I've only ever used self-signed certificates so I'm not familiar with intermediate certificates. It sounds like they want you to to move the attached intermediate certificate and the keyfile you used for the request to an appropriate place in Apache.

Anything here of help?
http://slacksite.com/apache/certificate.html


All times are GMT -5. The time now is 05:17 AM.