smuth
asked on
Creating a CRT SSL Certificate
I paid for a SSL cert from Verisign for our FTP server and according to the software vendor of the FTP software we purchased I need the key file and the CRT file to install the cert. I have the cer, key and csr files, but no CRT file. How do I convert the CSR or get this CRT for the server?
Thanks, Scott...
Thanks, Scott...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I was able to create the crt file with openssl, but it is still not working. I am using gene6 ftp server and they told me to put the key and crt files in the certs directory and then change the setup.ini and add the following two lines
SSLCertKeyPath=ftp.domain.com
SSLPassPhrase=<PEM passphrase entered at csr generation>
I did this and it still does not work. I am not sure if it is their software or the cert. Any ideas?
SSLCertKeyPath=ftp.domain.com
SSLPassPhrase=<PEM passphrase entered at csr generation>
I did this and it still does not work. I am not sure if it is their software or the cert. Any ideas?
Have you installed the cert to your local computer cert store? When installing can try auto, or you can manually install it - check the box for show physical stores and point to Personal and there should be a local computer subfolder.
Another thought is if you have the root cert chain installed - if this is your own CA then you will need to do this (http://caname/certsrv and take the 3rd option and get the root cert chain), if not you may still need to do that - some roots like godaddy are newer than SP2 so you could go to SP3 or get the current root cert list here:
http://www.microsoft.com/downloads/details.aspx?FamilyId=F814EC0E-EE7E-435E-99F8-20B44D4531B0&displaylang=en
Another thought is if you have the root cert chain installed - if this is your own CA then you will need to do this (http://caname/certsrv and take the 3rd option and get the root cert chain), if not you may still need to do that - some roots like godaddy are newer than SP2 so you could go to SP3 or get the current root cert list here:
http://www.microsoft.com/downloads/details.aspx?FamilyId=F814EC0E-EE7E-435E-99F8-20B44D4531B0&displaylang=en
ASKER
This worked for the most part. I guess their software is a little tricky and I had to install the cert a little different after I created the crt file. Thanks for your help
ASKER