[CentOS] Export/Import wild card SSL

aurfalien aurfalien at gmail.com
Tue Oct 23 18:09:04 EDT 2012


On Oct 23, 2012, at 2:48 PM, m.roth at 5-cent.us wrote:

> aurfalien wrote:
>> On Oct 23, 2012, at 1:22 PM, Eero Volotinen wrote:
>>> 2012/10/23 aurfalien <aurfalien at gmail.com>:
> <snip>
>>>> My scenario;
>>>> 
>>>> I have a wild card SSL installed on one of my CentOS boxes.
>>>> 
>>>> As I understand it, this server was used as a sort of master when
>>>> originally generating and receiving the wild card SSL cert (got the
>>>> cert from GoDaddy BTW).
>>>> 
>>>> So, now I must export some file(s) from that server so that I can
>>>> import it/them to another server.
> <snip>
>>>> But I honestly do not under stand what I did here and have a feeling
>>>> this is incomplete as aren't public and private key involved some how?
>>>> 
>>>> I have my ca.csr (my request file), ca.key (my private key) and ca.pem
>>>> (my public key) files in hand and ready.  A backup has been made for
>>>> testing.
>>> 
>>> Looks like you are a bit lost in ssl-forest.
>> 
>> Ain't that the truth.
>> 
>>> just copy your privatekey
>>> and signed cert file to another box and configure apache. that is all
>>> that is needed.
>> 
>> Wow, so simple that its complicated :)
>> 
> Did you generate the new files with the correct name of the new server? If
> not, people browsing there will see complaints that the key doesn't match
> the server name.

This is a wild card SSL by the way.

When looking at the keys I see;

Subject:	 /O=*.domain.com/OU=Domain Control Validated/CN=*.domain.com
Issuer:	 /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=########
Validation Days:	 start date - end date
Subject Alternative Name:  	 *.domain.com, domain.com
I don't see any ref to the servers name that its running on.

I removed the serial, domain name and dates.

- aurf


More information about the CentOS mailing list