SSL Certificates

First, buy a wildcard or normal SSL certificate (as a PFX file) from an SSL reseller.

How to use openssl to convert a PFX to a key and cert

The Personal Information Exchange format (PFX, also called PKCS #12) supports secure storage of certificates, private keys, and all certificates in a certification path.

Extract the certificate from the PFX as a PEM cert
$ openssl pkcs12 -in certificate.pfx -clcerts -nokeys -out mysslsite.crt
passwd:


Extract the key from the PFX
$ openssl pkcs12 -in certificate.pfx -nocerts -out key.pem
passwd:


Then remove the pass phrase so Apache httpd doesn't ask for it! The resulting mysslsite.key is unencrypted, so keep it readable only by root.
$ openssl rsa -in key.pem -out mysslsite.key


Apache httpd conf

Copy the crt, key and any intermediate certificates to the subdirectories of /etc/pki/tls/

and add the SSL lines to your Apache httpd conf file

   SSLCertificateFile		/etc/pki/tls/certs/mysslsite.crt
   SSLCertificateKeyFile	/etc/pki/tls/private/mysslsite.key
   SSLCertificateChainFile	/etc/pki/tls/certs/my-ssl-resellers-intermediate.crt


P.S. You might not need the intermediate SSLCertificateChainFile line, but you will if you are getting any of these error messages:

The certificate is not trusted because no issuer chain was provided.

Unable to locally verify the issuer's authority.

(Error code: sec_error_unknown_issuer)
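
The extraction steps above as one non-interactive script, added here as an example and not part of the original page: it also pulls any intermediate certificates out of the PFX and confirms that the extracted key belongs to the extracted certificate. The function names, output file names and the PFX_PASS environment variable are assumptions; it uses -nodes to write the key without a pass phrase in one step instead of the separate openssl rsa call.

```shell
#!/bin/sh
# Added example, not from the original page. Function names, output file
# names and the PFX_PASS variable are assumptions made for this sketch.

# Succeeds only if the certificate and the private key hold the same public key.
pair_matches() {   # usage: pair_matches site.crt site.key
    c=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
    # -passin pass: makes a still-encrypted key fail instead of prompting
    k=$(openssl pkey -in "$2" -passin pass: -pubout 2>/dev/null) || return 2
    [ -n "$c" ] && [ "$c" = "$k" ]
}

# Split a PFX into name.crt, name.key and name-chain.crt inside outdir.
# The PFX password is read from the exported PFX_PASS variable so it does
# not appear on the command line or in shell history.
pfx_to_pem() {     # usage: pfx_to_pem certificate.pfx outdir name
    pfx=$1 out=$2 name=$3
    ( umask 077    # the unencrypted key is created 0600, never world-readable
      openssl pkcs12 -in "$pfx" -passin env:PFX_PASS -nocerts -nodes 2>/dev/null |
          openssl pkey -out "$out/$name.key" ) || return 1
    openssl pkcs12 -in "$pfx" -passin env:PFX_PASS -clcerts -nokeys 2>/dev/null |
        openssl x509 -out "$out/$name.crt" || return 1
    # Intermediates stored in the PFX, for SSLCertificateChainFile (may be empty)
    openssl pkcs12 -in "$pfx" -passin env:PFX_PASS -cacerts -nokeys \
        -out "$out/$name-chain.crt" 2>/dev/null || return 1
    pair_matches "$out/$name.crt" "$out/$name.key"
}

# Constructed test input: a throwaway self-signed certificate packed into
# dir/certificate.pfx with the password "constructed".
make_constructed_pfx() {   # usage: make_constructed_pfx dir
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=mysslsite.test" \
        -keyout "$1/src.key" -out "$1/src.crt" 2>/dev/null &&
    openssl pkcs12 -export -in "$1/src.crt" -inkey "$1/src.key" \
        -passout pass:constructed -out "$1/certificate.pfx"
}
```

Export PFX_PASS, then run pfx_to_pem certificate.pfx . mysslsite; a non-zero return means extraction failed or the key does not match the certificate, so nothing should be copied into /etc/pki/tls.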


