Changes between Initial Version and Version 1 of maintain/SSL


Ignore:
Timestamp:
01/30/13 12:00:07 (11 years ago)
Author:
slavazanko
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • maintain/SSL

    v1 v1  
     1= How to re-sign the certificate = 
     2See http://www.midnight-commander.org/ticket/2578 for details. 
     3 
     4If you want to create new private key, run: 
     5{{{ 
     6openssl  genrsa -out midnight-commander.org.key 2048 
     7}}} 
     8 
     9If you want just re-sign certificate, get the private key from m-c.o server (placed by path /etc/ssl/midnight-commander.org.key) and run the command: 
     10{{{ 
     11DOMAIN_NAME="www.midnight-commander.org" 
     12 
     13expect -c ' 
     14set timeout -1 
     15spawn openssl req -new -key midnight-commander.org.key -out midnight-commander.org.csr 
     16match_max 100000 
     17expect "Country Name" 
     18send -- "MC\r" 
     19expect "State or Province Name" 
     20send -- "'${DOMAIN_NAME}'\r" 
     21expect "Locality Name" 
     22send -- "'${DOMAIN_NAME}'\r" 
     23expect "Organization Name" 
     24send -- "'${DOMAIN_NAME}'\r" 
     25expect "Organizational Unit Name" 
     26send -- "'${DOMAIN_NAME}'\r" 
     27expect "Common Name" 
     28send -- "'${DOMAIN_NAME}'\r" 
     29expect "Email Address" 
     30send -- "\r" 
     31expect "A challenge password" 
     32send -- "\r" 
     33expect "An optional company name" 
     34send -- "\r" 
     35expect eof 
     36' 
     37}}} 
     38 
     39If you don't have an expect utility, you may manually run the command: 
     40{{{ 
     41openssl req -new -key midnight-commander.org.key -out midnight-commander.org.csr 
     42}}} 
     43 
     44And fill all fields as it provided in script. 
     45 
     46After this, register or login to https://www.startssl.com, validate (if needed) m-c.o domain and run 'Certufucates Wizard' tab on webpage. Skip generation of private key and insert content of midnight-commander.org.csr file to the textarea on webpage. Next, press 'Continue' button and copy content of textarea to midnight-commander.org.crt file. Copy midnight-commander.org.crt file to /etc/ssl/midnight-commander.org.crt file on m-c.o server. Log in to m-c.o server via ssh and run: 
     47{{{ 
     48sudo su - 
     49/etc/init.d/nginx restart 
     50}}} 
     51 
     52 
     53That's all.