Editing
Applying a generated certificate on web server
Jump to navigation
Jump to search
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
Configuring Certificate for Renewal ----------------------------------- Login to nagios.apoyar Copy b2b.bleckmann.com.key file to nagios from phobos.apoyar β’ scp neal@phobos:/home/neal/b2b.bleckmann.com.key ./ Note:- If getting error while copying, need to change permission of that file on phobos.apoyar β’ chmod 444 b2b.bleckmann.com.key then copy same key file to returns server (bleckmann live) β’ scp b2b.bleckmann.com.key returns@10.208.192.174:/home/returns/ After this move crt file from returns server to nagios and then to phobos using below commands β’ scp returns@10.208.192.174:/home/returns/b2b.bleckmann.com.crt ./ β’ scp b2b.bleckmann.com.crt neal@phobos:/home/neal/ Login to phobos.apoyar Now, we have crt, csr and key at /home/neal/certs/ on phobos.apoyar Now go to β’ cd /home/neal/certs/generated/bleckmann move all three files here β’ mv /home/neal/certs/b2b.blecmann.com* ./ and then remove key file from nagios Now, login to returns server Compare crt and key file with below command β’ openssl x509 -noout -modulus -in b2b.bleckmann.com.crt | openssl md5 && openssl rsa -noout -modulus -in b2b.bleckmann.com.key | openssl md5 Now, move crt & key to below path β’ mv b2b.blecmann.com.crt /etc/ssl/certs/ β’ mv b2b.blecmann.com.key /etc/ssl/private/ Note:- If getting error while moving either crt or key, check for owner and permission and change if needed with below commands β’ chown root:root filename β’ chmod 400 filename Then go to β’ Cd /etc/nginx/sites-available Here, search for website configuration file with below command β’ grep βrmv β/etc/nginx/sites-available/β βe βb2b.bleckmann.comβ then edit that conf file β’ vi b2b.conf change crt and key file path in conf file save and exit file β’ :wq! Note:- Repeat above steps of editing .conf file, if we have multiple domains Then check for any errors with below command β’ nginx βt and then reload nginx (DONβT RESTART) β’ systemctl reload nginx At last, browse websites and verify those padlocks and certificate information
Summary:
Please note that all contributions to Apoyar Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Apoyar Wiki:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Navigation menu
Personal tools
Not logged in
Talk
Contributions
Create account
Log in
Namespaces
Page
Discussion
British English
Views
Read
Edit
View history
More
Search
Navigation
Main page
Apoyar Infrastructure
Active Directory
Recent changes
Random page
Upload file
Tools
What links here
Related changes
Special pages
Page information