Tag Archive | "csr"

Tags:

How to generate CSR from IIS7


To generate a CSR from IIS 7.0,  you need to complete the following steps:

1. Open IIS Manager (Internet Information Services).
2. Click on your server name.
3. Double click the "Server Certificates" option in middle panel which is located under the Security heading.
4. Click "Create Certificate Request" on right panel (the first option).
5. Fill out the requested details regarding to your website.
6. Click "Next".
7. Choose the cryptography options and SSL bit, normally you just leave it default.
8. Click "Next".
9. Choose a location to save the CSR file, click "Finish" to complete.

Share

Posted in Windows-IIS-ASPNETComments (2)

Tags: ,

Linux SSL configuration tutorial


Generate SSL CSR

ssh to server

1.#cd /shfs/etc/ssl

2.#openssl genrsa -out domainname.key 1024 (change domainname to the actual domain name)

3.#openssl req -new -key domainname.key -out domainname.csr (change domainname with the actual domain)

Import certificate from .PFX

1. you can optionally export the certificate from windows to a .pfx file

2. openssl pkcs12 -in site.pfx -out site.pem -nodes

3. now  open the .pem file with a text editor.
first part is the private key, you copy this part and safe it as site.key
2nd part is public key, you copy this part and safe as site.crt
3rd part is parent certificate public key. no need to touch it.

Create ssl apache configuration file

once you have get the certificate, you need to edit the /etc/httpd/conf/ssl.conf

add the follow template:

<VirtualHost xx.xx.xx.myip:443>
SSLEngine on

SSLCACertificatePath /etc/ssl
SSLCertificateFile /etc/ssl/userdomain.com.crt
SSLCertificateKeyFile /etc/ssl/userdomain.com.key

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/secure/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
<Directory "/var/www/secure">
Options +ExecCGI
AddHandler cgi-script cgi pl py
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

DocumentRoot /home/username/folderpath/
ServerName userdomain.com
ServerAlias www.userdomain.com

<Directory /home/username/folderpath/>
AddHandler cgi-script cgi pl do
Options +Includes
Options +ExecCGI
AllowOverride All
Order allow,deny
allow from all
</Directory>

</VirtualHost>

<VirtualHost xx.xx.xx.ip:80>
DocumentRoot /home/username/folderpath/
ServerName userdomain.com
ServerAlias www.userdomain.com

<Directory /home/username/folderpath/>
AddHandler cgi-script cgi pl do
Options +Includes
Options +ExecCGI
AllowOverride All
Order allow,deny
allow from all
</Directory>

CustomLog /var/log/httpd/access_log vcommon
ErrorLog /var/log/httpd/clientError_log
</VirtualHost>

Share

Posted in Linux-Apache-PHPComments (4)