Difference between revisions of "Certificate Migration"
From MicroFocusInternationalWiki
(→Moving a certificate from NW/eDirectory to Apache/OES Linux) |
m (→Migrating a certificate from NetWare to Linux) |
||
Line 1: | Line 1: | ||
=Migrating a certificate from NetWare to Linux= | =Migrating a certificate from NetWare to Linux= | ||
− | If you move your GroupWise | + | If you move your GroupWise GWIA or other web-based system to Linux and have bought certificates from a 3rd party certificate vendor, then you might want to transfer those certificates as well. The projess is easy and painless, just follow these steps. |
+ | |||
+ | Note that if you do an id-migration of a NW server, this all happens | ||
+ | automatically. | ||
==Moving a certificate from NW/eDirectory to Apache/OES Linux== | ==Moving a certificate from NW/eDirectory to Apache/OES Linux== |
Revision as of 11:13, 23 November 2011
Migrating a certificate from NetWare to Linux
If you move your GroupWise GWIA or other web-based system to Linux and have bought certificates from a 3rd party certificate vendor, then you might want to transfer those certificates as well. The projess is easy and painless, just follow these steps.
Note that if you do an id-migration of a NW server, this all happens automatically.
Moving a certificate from NW/eDirectory to Apache/OES Linux
- Highlight the certificate i C1, properties, Certificates, public key certificate, export. Make sure to check "Export private key"
- Provide a filename and password. Here we assume "mycert"
- Create a work dir under say /root, here we assume /root/certs
- Transfer this file to the OES2 box to this dir
- Run openssl pkcs12 -in mycert.pfx -out mycert.txt -nodes
- Open mycert.txt in gedit (or your favourite editor)
- Locate the line -- BEGIN RSA PRIVATE KEY
- Copy the entire block of text, including the --BEGIN and --END lines to a blank document
- Save this document as mycert.key in /etc/ssl/servercerts
- Locate the line -- BEGIN CERTIFICATE
- Copy the entire block of text, including the --BEGIN and --END lines to a blank document
- Save this document as mycert.pem in /etc/ssl/servercerts
- Open up vhost-ssl.conf in /etc/apache2/vhost.d
- Change the line SSLCertificateFile so that it points to /etc/ssl/servercerts/mycert.pem
- Change the line SSLCertificateKeyFile so that it points to /etc/ssl/servercerts/mycert.key
- Restart Apache (/etc/init.d/apache2/restart
Enjoy!