Hi all, This topic is one that I am ignorant on and appreciate any guidance. My scenario; I have a wild card SSL installed on one of my CentOS boxes. As I understand it, this server was used as a sort of master when originally generating and receiving the wild card SSL cert (got the cert from GoDaddy BTW). So, now I must export some file(s) from that server so that I can import it/them to another server. Were do I begin? I did manage to generate a .cer from a pem belonging to my master server via; openssl x509 in ca.pem -inform PEM -out somefile.crt.cer -outform DER But I honestly do not under stand what I did here and have a feeling this is incomplete as aren't public and private key involved some how? I have my ca.csr (my request file), ca.key (my private key) and ca.pem (my public key) files in hand and ready. A backup has been made for testing. Thanks in advance for any info. - aurf
> So, now I must export some file(s) from that server so that I can import it/them to another server.Forgot to add that I plan to import to another CentOS/Apache box. - aurf
2012/10/23 aurfalien <aurfalien at gmail.com>:> Hi all, > > This topic is one that I am ignorant on and appreciate any guidance. > > My scenario; > > I have a wild card SSL installed on one of my CentOS boxes. > > As I understand it, this server was used as a sort of master when originally generating and receiving the wild card SSL cert (got the cert from GoDaddy BTW). > > So, now I must export some file(s) from that server so that I can import it/them to another server. > > Were do I begin? > > I did manage to generate a .cer from a pem belonging to my master server via; > > openssl x509 in ca.pem -inform PEM -out somefile.crt.cer -outform DER > > But I honestly do not under stand what I did here and have a feeling this is incomplete as aren't public and private key involved some how? > > I have my ca.csr (my request file), ca.key (my private key) and ca.pem (my public key) files in hand and ready. A backup has been made for testing.Looks like you are a bit lost in ssl-forest. just copy your privatekey and signed cert file to another box and configure apache. that is all that is needed. no need to do any kind of conversions, just copy files from original box. -- Eero
From: aurfalien <aurfalien at gmail.com>> I have a wild card SSL installed on one of my CentOS boxes. > As I understand it, this server was used as a sort of master when originally > generating and receiving the wild card SSL cert (got the cert from GoDaddy > BTW). > So, now I must export some file(s) from that server so that I can import > it/them to another server.Copy the files to something like /etc/ssl/certs/ and configure apache. Use something like: <VirtualHost aaa.bbb.ccc.ddd:443> ? DocumentRoot /X/Y/Z ? ServerName abc.yourdomain.com ? SSLEngine on ? SSLCertificateFile /etc/ssl/certs/wildcard.yourdomain.com.crt ? SSLCertificateKeyFile /etc/ssl/certs/wildcard.yourdomain.com.key ? SSLCertificateChainFile /etc/ssl/certs/wildcard.yourdomain.com.ca-bundle < /VirtualHost> The .crt is the certificate returned by the registrar. The .key is the key you created and used to generate the certificate request. The .ca-bundle is the registrar root and intermediate certificates.