Link to home
Create AccountLog in
Avatar of Love Chaudhary
Love ChaudharyFlag for Canada

asked on

how to update wildcard certificate .pfx on ubuntu server

I have .pfx file, i need to update the wildcard certificate on Linux server. Our Application is in PHP.

Avatar of Andrew Porter
Andrew Porter
Flag of United States of America image

There's not enough detail in your request to really provide specifics, but this should get you going:

https://www.megacolorboy.com/til/posts/install-pfx-certificate-on-a-linux-server/

We run the CSR process on a dedicated server using IIS. Once the .PFX file is created with the Private Key we send it over to the Ubuntu server via SSH copy.


NGINX: There's a two step process from there to split out the certificate so that it can be used. We don't do Apache so I'm not sure what's happening there.

# TODO Copy local to Ubuntu from Windows
scp -i ~/.ssh/my-ubuntu_id_rsa C:\Temp\wwwdomaincom_ssl.pfx admin@my-ubuntu:/home/admin/www.domain.com_ssl.pfx

# TODO Set up the .PFX File in nginx
openssl pkcs12 -in ~/www.domain.com_ssl.pfx -clcerts -nokeys -out www.domain.com_ssl.crt
openssl pkcs12 -in ~/www.domain.com_ssl.pfx -nocerts -nodes -out www.domain.com_ssll.rsa

# TODO Copy them
sudo cp www.domain.com_ssl.rsa /etc/nginx/ssl/www.domain.com_ssl.rsa
sudo cp www.domain.com_ssl.crt /etc/nginx/ssl/www.domain.com_ssl.crt

Open in new window

You will be prompted for the password. When exporting from the IIS server choose 3DS as the encryption algorithm, choose Extended Options #3, and uncheck the #4 option when running that process.

ASKER CERTIFIED SOLUTION
Avatar of Love Chaudhary
Love Chaudhary
Flag of Canada image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer