I need to install a certificate for a webservice in Apache (Centos7). The files they sent us are these:
xxx.cer.pem
xxx.pfx
Can anyone tell me how I can install these certificates? Thanks!
Install certificate .CER.PEM Linux Centos7
0
asked by anonymous 05.12.2016 / 20:07
1 answer
1
According to this answer in SOen you first need to convert pfx to be supported in apache, using openssl .
First install it (if you have not installed it):
yum install openssl
Navigate to the folder where the xxxx.pfx and then the terminal use the following commands to convert the certificate:
openssl pkcs12 -in xxxx.pfx -clcerts -nokeys -out xxxx.cer
openssl pkcs12 -in xxxx.pfx -nocerts -nodes -out xxxx.key
Then look for the file in the apache folder named host.conf or ssl.conf (or maybe it's all inside httpd.conf ) and look for the desired <VirtualHost> , in which case the HOST should preferably have the port 443 for example <VirtualHost *:443> (certificate for all hosts), then you should point the location of the .cer file in SSLCertificateFile and point the .key location in SSLCertificateKeyFile
An example would be:
<VirtualHost 192.168.0.1:443>
...
SSLEngine on
SSLCertificateFile /caminho/para/xxxx.cer
SSLCertificateKeyFile /caminho/para/xxxx.key
...
</VirtualHost>
Note: If the SSL flags must be inside a VirtualHost that is from HTTPS, if you do the wrong host it will give a problem, a wrong example:
<VirtualHost 192.168.0.1:80> ... SSLEngine on SSLCertificateFile /caminho/para/xxxx.cer SSLCertificateKeyFile /caminho/para/xxxx.key
The SSL module must be enabled:
LoadModule ssl_module modules/mod_ssl.so
Then just restart Apache
05.12.2016 / 20:17