Revision as of 11:13, 23 November 2011

Migrating a certificate from NetWare to Linux

If you move your GroupWise GWIA or other web-based system to Linux and have bought certificates from a 3rd party certificate vendor, then you might want to transfer those certificates as well. The projess is easy and painless, just follow these steps.

Note that if you do an id-migration of a NW server, this all happens automatically.

Moving a certificate from NW/eDirectory to Apache/OES Linux

1. Highlight the certificate i C1, properties, Certificates, public key certificate, export. Make sure to check "Export private key"
2. Provide a filename and password. Here we assume "mycert"
3. Create a work dir under say /root, here we assume /root/certs
4. Transfer this file to the OES2 box to this dir
5. Run openssl pkcs12 -in mycert.pfx -out mycert.txt -nodes
6. Open mycert.txt in gedit (or your favourite editor)
7. Locate the line -- BEGIN RSA PRIVATE KEY
8. Copy the entire block of text, including the --BEGIN and --END lines to a blank document
9. Save this document as mycert.key in /etc/ssl/servercerts
10. Locate the line -- BEGIN CERTIFICATE
11. Copy the entire block of text, including the --BEGIN and --END lines to a blank document
12. Save this document as mycert.pem in /etc/ssl/servercerts
13. Open up vhost-ssl.conf in /etc/apache2/vhost.d
14. Change the line SSLCertificateFile so that it points to /etc/ssl/servercerts/mycert.pem
15. Change the line SSLCertificateKeyFile so that it points to /etc/ssl/servercerts/mycert.key
16. Restart Apache (/etc/init.d/apache2/restart

Enjoy!