Need help in obtaining information to renew certificates on 3 servers.
The certs should be PKCS #10
Any guidance will be greatly appreciated.
I started to support the 3 servers as of a few days ago and the certifications are about to expired.
Where did you get the original certificates from? was that an internal CA or did you purchase them from an external one? You might be able to tell by using the command
openssl x509 -text -in /path/to/certificate/file
Look for the Issuer field. In principle you could approach the same service again. Unless you have any internal regulations who should be approached to obtain TLS certificates for (internal)
services.
1 Like
Hi,
thank you for your response. I was able to navigate to /path/to/certificate/ folder view the certs already installed. So I requested the certificate for each server by doing the following steps on each invidiaul server:
1- Created an archive folder and moved %nameoftheserver%.csr, %nameoftheserver%.crt, and %nameoftheserver%.pem leaving the %nameoftheserver%.key to create the request with the key.
2- Ran the command below to obtain a certificate request on each server.
openssl req -newkey rsa:2048 -nodes -keyout %nameoftheserver%.key -out %nameoftheserver%.csr
3- Once I obtain the certs request for each server I used... I sumitted form to otbain the actual cert. Copy the certs on indvidual folder to avoid confusion.
4- I used WINSCP to get into the servers and copy the certs on each invidiaul server location /opt/security.
5- Change permission to each cert to 644 using sudo.
6- Tested each site and new cert was working.
2 Likes
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.
If you have a query related to it or one of the replies, start a new topic and refer back with a link.