Here is example to create Certificate signing request and install the SSL certificate received from Verisign using openssl tool. (Specific to jboss, may or may not work for other servers. Visit http://www.verisign.com for further information )
1. Generate RSA private key
openssl genrsa -des3 -out domainname.key 1024
You will be promted for passphrase.
2. Create CSR (Cerificate signing request)
openssl req -new -key domainname.key -out domainname.csr
When creating a CSR you must enter information to be displayed on the certificate. E.g. Common name, Organization, Organization Unit etc
3. Send this CSR to get SSL Certificate from Verisign.
4. When you receive SSL Certificate from Verisign, you need to install it.
- Save the certificate in file name it "YourVeriSignSSLCert.crt"
- Get the intermediate CA certificate from: http://www.verisign.com/support/verisign-intermediate-ca/secure-site-intermediate/index.html and save it in a file, name it "YourIntermediateCertificate.cer"
- Command to create PKCS12 keystore
openssl pkcs12 -export -in YourVeriSignSSLCert.crt -inkey domainname.key -out mycert.p12 -name tomcat -CAfile YourIntermediateCertificate.cer -caname root -chain
5. Configure the server conf file with keystoreFile="c:\PATH TO mycert.p12" keystorePass="PASSWORD HERE" keystoreType="PKCS12"
6. Restart the server. You can check your installation status at: https://knowledge.verisign.com/support/ssl-certificates-support/index?page=certchecker
7. Once certificate installed properly you need to add Verisign seal to you site. Refer to https://www.verisign.com/ssl/secured-seal/index.html
In case if you face any issues in the installion, you can call or chat with verisign support team.
For other server installation instruction please refer to https://www.verisign.com/support/ssl-certificates-support/install-ssl-certificate.html
Thanks,
Anand
1 comment:
what id the main difference between a verisign and a thawte ssl? i have a thawte to install. agh!
Post a Comment