Solved

CentOS:  Install SSL certificate

Posted on 2011-03-10
14
1,925 Views
Last Modified: 2012-05-11
Hi All,

Very new to using CentOS and SSH.  But slowly getting the hang of it.


I've setup a website and want to add an SSL certificate.

Can anyone walk me through the process.
0
Comment
Question by:detox1978
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 5
14 Comments
 
LVL 31

Expert Comment

by:farzanj
ID: 35100615
Do you need it for Apache, LDAP, or SSH keys?
0
 
LVL 2

Author Comment

by:detox1978
ID: 35100640
Apache
0
 
LVL 2

Author Comment

by:detox1978
ID: 35100755
I have a PFX file with the public and private key
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 2

Author Comment

by:detox1978
ID: 35100905
I have openssl on the server.
0
 
LVL 2

Author Comment

by:detox1978
ID: 35101135
I found this link, but dont know where to copy things too;

http://www.petefreitag.com/item/16.cfm
0
 
LVL 31

Expert Comment

by:farzanj
ID: 35101214
0
 
LVL 2

Author Comment

by:detox1978
ID: 35101414
I followed the steps on that link and got the following error;

#openssl ca -in apachekey.csr -out apachecert.pem

Using configuration from /etc/pki/tls/openssl.cnf
Error opening CA private key ../../CA/private/cakey.pem
31033:error:02001002:system library:fopen:No such file or directory:bss_file.c:352:fopen('../../CA/private/cakey.pem','r')
31033:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:354:
unable to load CA private key
0
 
LVL 31

Expert Comment

by:farzanj
ID: 35101524
Please follow this guide step by step

http://www.cyberciti.biz/faq/rhel-apache-httpd-mod-ssl-tutorial/

If you still have problem, let me know.
0
 
LVL 2

Author Comment

by:detox1978
ID: 35101535
Thats the same link?
0
 
LVL 31

Expert Comment

by:farzanj
ID: 35103080
I am sorry, got really busy and could not help you.
If you found the solution, please post it here.  That would help the community too.

Thanks
0
 
LVL 2

Accepted Solution

by:
detox1978 earned 0 total points
ID: 35103118
Here's my notes;

You just need to update the PFX password.


Create PFX
copy mydomain.com.pfx to /etc/httpd/conf/ssl/pfx

connect to root via SSH

# = type

#openssl
#pkcs12 -in /etc/httpd/conf/ssl/pfx/mydomain.com.pfx -passin pass:PFX-Password -nokeys -out

/etc/httpd/conf/ssl/crt/mydomain.com.crt
#pkcs12 -in /etc/httpd/conf/ssl/pfx/mydomain.com.pfx -passin pass:PFX-Password -nocerts -out

/etc/httpd/conf/ssl/key/mydomain.com.key -passout pass:PFX-Password


insert the following lines to the VirtualHost in httpd.conf using vi (vi /etc/httpd/conf/httpd.conf)




SSLEngine On
SSLCertificateFile /etc/httpd/conf/ssl/crt/mydomain.com.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl/key/mydomain.com.key


Then restart the webserver

#/etc/init.d/httpd restart



0
 
LVL 31

Expert Comment

by:farzanj
ID: 35103135
Thanks.

Before closing, it is better if you post your solution, and accept it.
0
 
LVL 2

Author Comment

by:detox1978
ID: 35133407
I raised a delete request, so will have it removed and accept my answer.

Hopefully it will help someone.  
0
 
LVL 2

Author Closing Comment

by:detox1978
ID: 35171011
answer above
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Configuring Apache Camel to send and recieive from QPID Broker 2 34
centos linux 65 192
Migrating a Linux server to VMware 3 112
Looking for a program called HoneyMine. 3 71
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question