• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 51
  • Last Modified:

upload the ssl public key to Apache web server

we are running our web server on windows , we have clients on various places , when we update the certificate we ask the customer to upload the new public key.

one of our customer is using apache server with php , where they might be able to find the certificate store on their server. and how they may upload the public key on their server. we have the certificate with PEM extension in addition to the room and intermediate certificate.

does any has simialr situation where they just use the public key only and have tips hwo to achieve that.

Thanks
0
Hani Naser
Asked:
Hani Naser
4 Solutions
 
gheistCommented:
First check if ssleay32.dll is somewhere in directory of apache, i.e if it has SSL support at all.
Then look fro conf.d/* for a line Listen 443
0
 
David Johnson, CD, MVPOwnerCommented:
we are running our web server on windows , we have clients on various places , when we update the certificate we ask the customer to upload the new public key. Why?

one of our customer is using apache server with php , where they might be able to find the certificate store on their server. and how they may upload the public key on their server. we have the certificate with PEM extension in addition to the room and intermediate certificate.
Again why? What is the purpose of this?
0
 
arnoldCommented:
If you are using Cpanel ir similar to manage your sites by the user, they would need to upload the certificate there.
A secure site requires unique ip:port configuration such that if 443 is used, each secure site will need their own ip.

Not sure what would the reason for requesting any key from the client. For a secure connection/communication to work, your server must have both the private key and the certificate used to generate it.

It sounds more that what you are after is to secure communication between a secure site and a client by way of validating the client through a client based certificate which is what you are asking the client provid (a certificate without the inclusion of the private key, is the public key)

In such a situation, setting up an automatic process where a "client" is permitted to update the "authorized" person list vulnerable since a person would be in a position to upload as many certs as they want ........
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
Dillyn BarberChief Information Officer (CIO)Commented:
If there is no cPanel or equivalent to they will have to do this manually. For starters, they need to make sure OpenSSL is installed too (applies to Windows and Linux) There is a full tutorial for setting up SSL on Apache with a Windows machine here:
http://rubayathasan.com/tutorial/apache-ssl-on-windows/

If your client attempts this on a Linux server they can follow:
https://httpd.apache.org/docs/2.4/ssl/ssl_howto.html

Which can be helpful for windows as well as it talks about adding it through Apache 2.4
0
 
shalomcCTOCommented:
Tell them to look in their Apache configuration, either in httpd.conf or in an included file, for the lines containing the following keywords:

Server Certificate:        SSLCertificateFile
Server Private Key:       SSLCertificateKeyFile
Server CA Chain:      SSLCertificateChainFile

These point to PEM encoded files that can then be sent over to you.
You don't say which web server you run on Windows, so I assume it is IIS. IIS doesn't like PEM files, but loves pfx files. So you have to convert. You need ALL 3 files from above.

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt

Open in new window

0
 
shalomcCTOCommented:
No comment from author
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now