CentOS: Install SSL certificate

Hi All,

Very new to using CentOS and SSH.  But slowly getting the hang of it.


I've setup a website and want to add an SSL certificate.

Can anyone walk me through the process.
LVL 2
detox1978Asked:
Who is Participating?
 
detox1978Author Commented:
Here's my notes;

You just need to update the PFX password.


Create PFX
copy mydomain.com.pfx to /etc/httpd/conf/ssl/pfx

connect to root via SSH

# = type

#openssl
#pkcs12 -in /etc/httpd/conf/ssl/pfx/mydomain.com.pfx -passin pass:PFX-Password -nokeys -out

/etc/httpd/conf/ssl/crt/mydomain.com.crt
#pkcs12 -in /etc/httpd/conf/ssl/pfx/mydomain.com.pfx -passin pass:PFX-Password -nocerts -out

/etc/httpd/conf/ssl/key/mydomain.com.key -passout pass:PFX-Password


insert the following lines to the VirtualHost in httpd.conf using vi (vi /etc/httpd/conf/httpd.conf)




SSLEngine On
SSLCertificateFile /etc/httpd/conf/ssl/crt/mydomain.com.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl/key/mydomain.com.key


Then restart the webserver

#/etc/init.d/httpd restart



0
 
farzanjCommented:
Do you need it for Apache, LDAP, or SSH keys?
0
 
detox1978Author Commented:
Apache
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
detox1978Author Commented:
I have a PFX file with the public and private key
0
 
detox1978Author Commented:
I have openssl on the server.
0
 
detox1978Author Commented:
I found this link, but dont know where to copy things too;

http://www.petefreitag.com/item/16.cfm
0
 
farzanjCommented:
0
 
detox1978Author Commented:
I followed the steps on that link and got the following error;

#openssl ca -in apachekey.csr -out apachecert.pem

Using configuration from /etc/pki/tls/openssl.cnf
Error opening CA private key ../../CA/private/cakey.pem
31033:error:02001002:system library:fopen:No such file or directory:bss_file.c:352:fopen('../../CA/private/cakey.pem','r')
31033:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:354:
unable to load CA private key
0
 
farzanjCommented:
Please follow this guide step by step

http://www.cyberciti.biz/faq/rhel-apache-httpd-mod-ssl-tutorial/

If you still have problem, let me know.
0
 
detox1978Author Commented:
Thats the same link?
0
 
farzanjCommented:
I am sorry, got really busy and could not help you.
If you found the solution, please post it here.  That would help the community too.

Thanks
0
 
farzanjCommented:
Thanks.

Before closing, it is better if you post your solution, and accept it.
0
 
detox1978Author Commented:
I raised a delete request, so will have it removed and accept my answer.

Hopefully it will help someone.  
0
 
detox1978Author Commented:
answer above
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.