Re: renewing a certificate

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi ,

I created the .pem file using keytool

keytool -export -alias tomcat -rfc > tomcat.pem

and then moved this file to apache directory and ran c_rehash  /usr/local/apache/conf/ssl

this created a link file cc5d41ae.0 -> tomcat.pem

what are the missing steps to create the server.key and server.crt on apache using openssl?

thanks



--- On Wed, 6/5/09, Prasanna Ram Venkatachalam <vpram86@xxxxxxxxx> wrote:

> From: Prasanna Ram Venkatachalam <vpram86@xxxxxxxxx>
> Subject: Re:  renewing a certificate
> To: users@xxxxxxxxxxxxxxxx
> Date: Wednesday, 6 May, 2009, 3:15 PM
> oh.. i hope server.crt is the
> certificate you are using? right?
> 
> 
> On Wed, May 6, 2009 at 5:44 PM,
> Prasanna Ram Venkatachalam <vpram86@xxxxxxxxx>
> wrote:
> 
> 
> Melanie, i think keytool does not create any
> certificate. Its just a key/certificate management
> utility.
> http://java.sun.com/j2se/1.4.2/docs/tooldocs/solaris/keytool.html
>  
> What did you use to get server.crt? openssl ,selfssl
> or some free sites available??
> 
> Regards
> Prasanna Ram
> 
> 
> 
> 
> On Wed, May 6, 2009 at 12:22 PM,
> Melanie Pfefer <melanie_pfefer@xxxxxxxxxxx>
> wrote:
> 
> 
> Hi,
> 
> I have tomcat server running as a backend server and apache
> running as front-end, both on the same machine
> 
> 
> In httpd.conf, I have:
> 
> SSLProxyEngine On
> RewriteEngine On
> SSLProxyCACertificatePath /usr/local/apache/conf/ssl
> RewriteRule ^/(abc.*) https://host:port/$1 [P,L]
> 
> 
> I am getting an error that the certificate is out of date.
> 
> 
> What I did before was:
> 
> keytool -export -alias tomcat -rfc > tomcat.pem
> c_rehash  /usr/local/apache/conf/ssl
> 
> now /usr/local/apache/conf/ssl has
> 
> server.crt
> server.key
> tomcat.pem
> cc5d41ae.0 -> tomcat.pem
> 
> 
> 
> I need to know how to renew the certificate.
> 
> Is it sufficient to redo:
> 
> keytool -export -alias tomcat -rfc > tomcat.pem
> c_rehash  /usr/local/apache/conf/ssl
> 
> how to rollback in case of failures?
> 
> 
> Thank you
> 
> 
> 
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html>
> for more info.
> 
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> 
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
> 
> 
> 
> 
> 
> -- 
> Prasanna Ram
> 
> 
> 
> 
> -- 
> Prasanna Ram
> 
> 


      

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux