Difference between revisions of "Certificate Migration"

From MicroFocusInternationalWiki
Jump to: navigation, search
m (Moving a certificate from NW/eDirectory to Apache/OES Linux)
(Moving a certificate from NW/eDirectory to Apache/OES Linux)
Line 9: Line 9:
 
#Create a work dir under say /root, here we assume /root/certs
 
#Create a work dir under say /root, here we assume /root/certs
 
#Transfer this file to the OES2 box to this dir
 
#Transfer this file to the OES2 box to this dir
#Run openssl pkcs12 -in mycert.pfx -out mycert.txt -nodes
+
#Run '''openssl pkcs12 -in mycert.pfx -out mycert.txt -nodes'''
 
#Open mycert.txt in gedit (or your favourite editor)
 
#Open mycert.txt in gedit (or your favourite editor)
 
#Locate the line -- BEGIN RSA PRIVATE KEY
 
#Locate the line -- BEGIN RSA PRIVATE KEY

Revision as of 10:34, 23 November 2011

Migrating a certificate from NetWare to Linux

If you move your GroupWise system or other web-based system to Linux and have bought certificates from a 3rd party certificate vendor, then you might want to transfer those certificates as well. The projess is easy and painless, just follow these steps.

Moving a certificate from NW/eDirectory to Apache/OES Linux

  1. Highlight the certificate i C1, properties, Certificates, public key certificate, export. Make sure to check "Export private key"
  2. Provide a filename and password. Here we assume "mycert"
  3. Create a work dir under say /root, here we assume /root/certs
  4. Transfer this file to the OES2 box to this dir
  5. Run openssl pkcs12 -in mycert.pfx -out mycert.txt -nodes
  6. Open mycert.txt in gedit (or your favourite editor)
  7. Locate the line -- BEGIN RSA PRIVATE KEY
  8. Copy the entire block of text, including the --BEGIN and --END lines to a blank document
  9. Save this document as mycert.key in /etc/ssl/servercerts
  10. Locate the line -- BEGIN CERTIFICATE
  11. Copy the entire block of text, including the --BEGIN and --END lines to a blank document
  12. Save this document as mycert.pem in /etc/ssl/servercerts
  13. Open up vhost-ssl.conf in /etc/apache2/vhost.d
  14. Change the line SSLCertificateFile so that it points to /etc/ssl/servercerts/mycert.pem
  15. Change the line SSLCertificateKeyFile so that it points to /etc/ssl/servercerts/mycert.key
  16. Restart Apache (/etc/init.d/apache2/restart

Enjoy!