How do I change the certificate
51 views
Skip to first unread message
Tom Cole
Jun 2, 2015, 1:58:32 PM6/2/15
to priva...@googlegroups.com
We are running a token server that is issued to the server. We need to change this to be issued to the name of the site. How do I this? I am a newb when it comes to this stuff.
Thanks
Thanks
Cornelius Kölbel
Jun 2, 2015, 3:18:28 PM6/2/15
to priva...@googlegroups.com
Hello Tom,
you can see a short note about certificates here:
https://help.ubuntu.com/14.04/serverguide/certificates-and-security.html
The key task is to create a certificate signing request. In the
certificate signing request you can specify the servername (CN).
You then can decide, if you use the certificate signing request (CSR) to
create a self-signed-certificate or if you take the CSR and got to a
certificate authority (either your companys or s.t. verisign, comodo,
startcom...)
Then you need to copy the server.key (your private key, which you should
not give to anybody else) and the signed certificate to the
corresponding locations.
These are defined in the Apache config file, which is located
at /etc/apache2/sites-enabled/privacyidea.conf.
SSLCertificateFile /etc/ssl/certs/privacyideaserver.pem
SSLCertificateKeyFile /etc/ssl/private/privacyideaserver.key
Kind regards
Cornelius
> --
> You received this message because you are subscribed to the Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to privacyidea...@googlegroups.com.
> To post to this group, send email to priva...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/privacyidea/71cad8e0-34b6-4bb5-abb6-38d6b5319edb%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
you can see a short note about certificates here:
https://help.ubuntu.com/14.04/serverguide/certificates-and-security.html
The key task is to create a certificate signing request. In the
certificate signing request you can specify the servername (CN).
You then can decide, if you use the certificate signing request (CSR) to
create a self-signed-certificate or if you take the CSR and got to a
certificate authority (either your companys or s.t. verisign, comodo,
startcom...)
Then you need to copy the server.key (your private key, which you should
not give to anybody else) and the signed certificate to the
corresponding locations.
These are defined in the Apache config file, which is located
at /etc/apache2/sites-enabled/privacyidea.conf.
SSLCertificateFile /etc/ssl/certs/privacyideaserver.pem
SSLCertificateKeyFile /etc/ssl/private/privacyideaserver.key
Kind regards
Cornelius
> You received this message because you are subscribed to the Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to privacyidea...@googlegroups.com.
> To post to this group, send email to priva...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/privacyidea/71cad8e0-34b6-4bb5-abb6-38d6b5319edb%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
Tom Cole
Jun 2, 2015, 3:31:11 PM6/2/15
to priva...@googlegroups.com
Thanks - I was just coming back to say we can disregard this but you beat me to it. I was able to take my existing certs / key from production and rename them privacyideaserver.pem & .key, restart apache2 and it worked.
Reply all
Reply to author
Forward
0 new messages