• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2017
  • Last Modified:

CentOS: Install SSL certificate

Hi All,

Very new to using CentOS and SSH.  But slowly getting the hang of it.


I've setup a website and want to add an SSL certificate.

Can anyone walk me through the process.
0
detox1978
Asked:
detox1978
  • 9
  • 5
1 Solution
 
farzanjCommented:
Do you need it for Apache, LDAP, or SSH keys?
0
 
detox1978Author Commented:
Apache
0
 
detox1978Author Commented:
I have a PFX file with the public and private key
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
detox1978Author Commented:
I have openssl on the server.
0
 
detox1978Author Commented:
I found this link, but dont know where to copy things too;

http://www.petefreitag.com/item/16.cfm
0
 
farzanjCommented:
0
 
detox1978Author Commented:
I followed the steps on that link and got the following error;

#openssl ca -in apachekey.csr -out apachecert.pem

Using configuration from /etc/pki/tls/openssl.cnf
Error opening CA private key ../../CA/private/cakey.pem
31033:error:02001002:system library:fopen:No such file or directory:bss_file.c:352:fopen('../../CA/private/cakey.pem','r')
31033:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:354:
unable to load CA private key
0
 
farzanjCommented:
Please follow this guide step by step

http://www.cyberciti.biz/faq/rhel-apache-httpd-mod-ssl-tutorial/

If you still have problem, let me know.
0
 
detox1978Author Commented:
Thats the same link?
0
 
farzanjCommented:
I am sorry, got really busy and could not help you.
If you found the solution, please post it here.  That would help the community too.

Thanks
0
 
detox1978Author Commented:
Here's my notes;

You just need to update the PFX password.


Create PFX
copy mydomain.com.pfx to /etc/httpd/conf/ssl/pfx

connect to root via SSH

# = type

#openssl
#pkcs12 -in /etc/httpd/conf/ssl/pfx/mydomain.com.pfx -passin pass:PFX-Password -nokeys -out

/etc/httpd/conf/ssl/crt/mydomain.com.crt
#pkcs12 -in /etc/httpd/conf/ssl/pfx/mydomain.com.pfx -passin pass:PFX-Password -nocerts -out

/etc/httpd/conf/ssl/key/mydomain.com.key -passout pass:PFX-Password


insert the following lines to the VirtualHost in httpd.conf using vi (vi /etc/httpd/conf/httpd.conf)




SSLEngine On
SSLCertificateFile /etc/httpd/conf/ssl/crt/mydomain.com.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl/key/mydomain.com.key


Then restart the webserver

#/etc/init.d/httpd restart



0
 
farzanjCommented:
Thanks.

Before closing, it is better if you post your solution, and accept it.
0
 
detox1978Author Commented:
I raised a delete request, so will have it removed and accept my answer.

Hopefully it will help someone.  
0
 
detox1978Author Commented:
answer above
0

Featured Post

The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

  • 9
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now