I created a CSR via openssl, sent it to globalsign, and they sent us back a
certificate. I managed to use this certificate into apache by specifying
both private key and this certificate via the httpd.conf file. All fine and
well.
Now, I need to use the same certificate (wildcard certificate) on a JES (Sun
Java Entreprise System) application. For this to work, I apparently need to
import this globalsign certificate into the openssl keystore, and then
export the certificate and my private key as a PKCS12 file.
Then I can use a pk12util import tool from the JES application to import
both private key and certificate into this JES keystore.
But I'm struggling with the import of the certificate in the openssl
keystore.
I've been googling but didn't find the answer, I also must admit I'm not too
knowledgeable about certificates ...
Can someone help me out by showing me an example 'openssl' commandline to
import and then export as a PKCS12 file ?
Re: guidance on SSL certs and Apache2 ... including the fact that the setup is neither automated nor documented ... > it has Kleopatra for certificate management....openssl req -new -key server.key -out newreq.pem ... /etc/init.d/apache2 restart... (Debian-User)
Re: Pine and CA certificates ... Pine is installed in a shared file system; it would have been nice for the CA certificate that signed the IMAP server's certificate to have been there too. ... So, instead of reconfiguring OpenSSL once and being done with it, you instead want to reconfigure every application program that uses OpenSSL? ... You don't want the SSLKEYS directory to be the same as the CA certificate directory, since only a file protection stands between that key and a hacker who could do bad things with it. ... Most people just use the OpenSSL standard CA certificate directory, or they rebuild OpenSSL so that its standard CA certificate directory is what they want it to be. ... (comp.mail.pine)
2K3 Cert Svcs gives invalid policy error on OpenSSL gend cert req ... OpenSSL-based UNIX SSL client and server and a Windows Server 2003 ... Standard Edition with Certificate Services for the CA. ... The OpenSSL generated ones look like, ... X509v3 Extended Key Usage:... (microsoft.public.windows.server.security)
Re: How do I install ssl certificates? ... I want to set up ssl support for -- well, anything besides browsers, as ... my rather naive approach of "openssl verify cert.pem" sure created a ... You can use that same certificate for all your server daemons. ... (comp.unix.bsd.freebsd.misc)
[UNIX] OpenSSL Multiple Vulnerabilities (Malformed ASN.1, Malformed Public Key) ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... and prepared fixes for a number of vulnerabilities in the OpenSSL ASN1... OpenSSL to parse a client certificate from an SSL/TLS client when it ... resulting in a denial of service vulnerability.... (Securiteam)
