Solved

CentOS:  Install SSL certificate

Posted on 2011-03-10
14
1,881 Views
Last Modified: 2012-05-11
Hi All,

Very new to using CentOS and SSH.  But slowly getting the hang of it.


I've setup a website and want to add an SSL certificate.

Can anyone walk me through the process.
0
Comment
Question by:detox1978
  • 9
  • 5
14 Comments
 
LVL 31

Expert Comment

by:farzanj
ID: 35100615
Do you need it for Apache, LDAP, or SSH keys?
0
 
LVL 2

Author Comment

by:detox1978
ID: 35100640
Apache
0
 
LVL 2

Author Comment

by:detox1978
ID: 35100755
I have a PFX file with the public and private key
0
Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

 
LVL 2

Author Comment

by:detox1978
ID: 35100905
I have openssl on the server.
0
 
LVL 2

Author Comment

by:detox1978
ID: 35101135
I found this link, but dont know where to copy things too;

http://www.petefreitag.com/item/16.cfm
0
 
LVL 31

Expert Comment

by:farzanj
ID: 35101214
0
 
LVL 2

Author Comment

by:detox1978
ID: 35101414
I followed the steps on that link and got the following error;

#openssl ca -in apachekey.csr -out apachecert.pem

Using configuration from /etc/pki/tls/openssl.cnf
Error opening CA private key ../../CA/private/cakey.pem
31033:error:02001002:system library:fopen:No such file or directory:bss_file.c:352:fopen('../../CA/private/cakey.pem','r')
31033:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:354:
unable to load CA private key
0
 
LVL 31

Expert Comment

by:farzanj
ID: 35101524
Please follow this guide step by step

http://www.cyberciti.biz/faq/rhel-apache-httpd-mod-ssl-tutorial/

If you still have problem, let me know.
0
 
LVL 2

Author Comment

by:detox1978
ID: 35101535
Thats the same link?
0
 
LVL 31

Expert Comment

by:farzanj
ID: 35103080
I am sorry, got really busy and could not help you.
If you found the solution, please post it here.  That would help the community too.

Thanks
0
 
LVL 2

Accepted Solution

by:
detox1978 earned 0 total points
ID: 35103118
Here's my notes;

You just need to update the PFX password.


Create PFX
copy mydomain.com.pfx to /etc/httpd/conf/ssl/pfx

connect to root via SSH

# = type

#openssl
#pkcs12 -in /etc/httpd/conf/ssl/pfx/mydomain.com.pfx -passin pass:PFX-Password -nokeys -out

/etc/httpd/conf/ssl/crt/mydomain.com.crt
#pkcs12 -in /etc/httpd/conf/ssl/pfx/mydomain.com.pfx -passin pass:PFX-Password -nocerts -out

/etc/httpd/conf/ssl/key/mydomain.com.key -passout pass:PFX-Password


insert the following lines to the VirtualHost in httpd.conf using vi (vi /etc/httpd/conf/httpd.conf)




SSLEngine On
SSLCertificateFile /etc/httpd/conf/ssl/crt/mydomain.com.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl/key/mydomain.com.key


Then restart the webserver

#/etc/init.d/httpd restart



0
 
LVL 31

Expert Comment

by:farzanj
ID: 35103135
Thanks.

Before closing, it is better if you post your solution, and accept it.
0
 
LVL 2

Author Comment

by:detox1978
ID: 35133407
I raised a delete request, so will have it removed and accept my answer.

Hopefully it will help someone.  
0
 
LVL 2

Author Closing Comment

by:detox1978
ID: 35171011
answer above
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question