| 1 | = How to re-sign the certificate = |
| 2 | See http://www.midnight-commander.org/ticket/2578 for details. |
| 3 | |
| 4 | If you want to create new private key, run: |
| 5 | {{{ |
| 6 | openssl genrsa -out midnight-commander.org.key 2048 |
| 7 | }}} |
| 8 | |
| 9 | If you want just re-sign certificate, get the private key from m-c.o server (placed by path /etc/ssl/midnight-commander.org.key) and run the command: |
| 10 | {{{ |
| 11 | DOMAIN_NAME="www.midnight-commander.org" |
| 12 | |
| 13 | expect -c ' |
| 14 | set timeout -1 |
| 15 | spawn openssl req -new -key midnight-commander.org.key -out midnight-commander.org.csr |
| 16 | match_max 100000 |
| 17 | expect "Country Name" |
| 18 | send -- "MC\r" |
| 19 | expect "State or Province Name" |
| 20 | send -- "'${DOMAIN_NAME}'\r" |
| 21 | expect "Locality Name" |
| 22 | send -- "'${DOMAIN_NAME}'\r" |
| 23 | expect "Organization Name" |
| 24 | send -- "'${DOMAIN_NAME}'\r" |
| 25 | expect "Organizational Unit Name" |
| 26 | send -- "'${DOMAIN_NAME}'\r" |
| 27 | expect "Common Name" |
| 28 | send -- "'${DOMAIN_NAME}'\r" |
| 29 | expect "Email Address" |
| 30 | send -- "\r" |
| 31 | expect "A challenge password" |
| 32 | send -- "\r" |
| 33 | expect "An optional company name" |
| 34 | send -- "\r" |
| 35 | expect eof |
| 36 | ' |
| 37 | }}} |
| 38 | |
| 39 | If you don't have an expect utility, you may manually run the command: |
| 40 | {{{ |
| 41 | openssl req -new -key midnight-commander.org.key -out midnight-commander.org.csr |
| 42 | }}} |
| 43 | |
| 44 | And fill all fields as it provided in script. |
| 45 | |
| 46 | After this, register or login to https://www.startssl.com, validate (if needed) m-c.o domain and run 'Certufucates Wizard' tab on webpage. Skip generation of private key and insert content of midnight-commander.org.csr file to the textarea on webpage. Next, press 'Continue' button and copy content of textarea to midnight-commander.org.crt file. Copy midnight-commander.org.crt file to /etc/ssl/midnight-commander.org.crt file on m-c.o server. Log in to m-c.o server via ssh and run: |
| 47 | {{{ |
| 48 | sudo su - |
| 49 | /etc/init.d/nginx restart |
| 50 | }}} |
| 51 | |
| 52 | |
| 53 | That's all. |