Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 3 subscribers
  • Views 843 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Site Certificate

maxus
Hi pplz!

Is there anybody knows how to add real site certificate (f.e. from VeriSign) to ASL?


This thread was automatically locked due to age.
Parents
  • 0
    Hi maxus,

    please try this mini howto (for 1.9, names is 1.8 are a little bit changed):

    Create a new Self signed SSL Certificate and place it in the right place (create info http://www.verisign.com/support/tlc/csr/ssleay/v01.html)  (short commandline syntax or edit openssl.cnf:
            openssl req -new -nodes -x509 -keyout cakey.pem -days 1095 -out cacert.pem
            openssl req -new -nodes -keyout WebAdminKey.pem -out newreq.pem  -days 1095
            cat newreq.pem WebAdminKey.pem > new.pem
            mkdir newcerts
            touch index.txt
            echo 01 > serial
            openssl ca  -policy policy_anything -out /tmp/WebAdminCert.pem -infiles /tmp/new.pem
        )
    You only need the .key and .crt file, without passphrase.
        cp  /etc/httpd/WebAdminKey.pem
        cp  /etc/httpd/WebAdminCert.pem
        chown 0:0 /etc/httpd/WebAdminKey.pem
        chmod 400 /etc/httpd/WebAdminKey.pem
        chown 0:0 /etc/httpd/WebAdminCert.pem
        chmod 400 /etc/httpd/WebAdminCert.pem
  • 0 in reply to Markus Hennig
    HI Markus!

    firstly, thank you for posting this mini-HOWTO.

    Are you planning to include this procedure in next versions?  I guess it should be very usefull fro PKI-enabled environments
Reply Children
No Data
Unfiltered HTML