How to install PFX certificate in Linux and without PEM Passphrase
How to install PFX certificate in Linux and without PEM Passphrase
You must be Annoyed seeing the certificate error in web browser for some websites.
Here we'll discuss how we can install .pfx certificate in Linux and use them in an application.
If you use these certificate in Apache and you have not removed from passphrase from .PEM Certificate then you need to key-in the passphrase every time restart Apache. So we'll learn how to remove the passphrase from .PEM certificate.
1. Send in the .pfx certificate to Linux Server.
2. Change the .pfx certificate to .pem Certificate.
[root@example local_cert]# openssl pkcs12 -in /tmp/lookbeautiful.local-3.pfx -clcerts -nokeys -out /etc/pound2/local_cert/lookbeautiful_2017.pem
Enter Import Password:
MAC verified OK
3. Create the PRIVATE key
[root@example local_cert]# openssl pkcs12 -in /tmp/lookbeautiful.local-3.pfx -nocerts -nodes -out /etc/pound2/local_cert/lookbeautiful_2017.key
Enter Import Password:
MAC verified OK
[root@example local_cert]#
4. Now copy the Private key and paste it in /etc/pound2/local_cert/lookbeautiful_2017.pem at the end.
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
5. You can check the certificate details by following Command.
openssl x509 -in /etc/pound2/local_cert/lookbeautiful_2017.pem -text -noout
6. You can verify the certificate.
openssl verify /etc/pound2/local_cert/lookbeautiful_2017.key
7. Now apply the certificate in your application configuration.
You must be Annoyed seeing the certificate error in web browser for some websites.
Here we'll discuss how we can install .pfx certificate in Linux and use them in an application.
If you use these certificate in Apache and you have not removed from passphrase from .PEM Certificate then you need to key-in the passphrase every time restart Apache. So we'll learn how to remove the passphrase from .PEM certificate.
1. Send in the .pfx certificate to Linux Server.
2. Change the .pfx certificate to .pem Certificate.
[root@example local_cert]# openssl pkcs12 -in /tmp/lookbeautiful.local-3.pfx -clcerts -nokeys -out /etc/pound2/local_cert/lookbeautiful_2017.pem
Enter Import Password:
MAC verified OK
3. Create the PRIVATE key
[root@example local_cert]# openssl pkcs12 -in /tmp/lookbeautiful.local-3.pfx -nocerts -nodes -out /etc/pound2/local_cert/lookbeautiful_2017.key
Enter Import Password:
MAC verified OK
[root@example local_cert]#
4. Now copy the Private key and paste it in /etc/pound2/local_cert/lookbeautiful_2017.pem at the end.
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
5. You can check the certificate details by following Command.
openssl x509 -in /etc/pound2/local_cert/lookbeautiful_2017.pem -text -noout
6. You can verify the certificate.
openssl verify /etc/pound2/local_cert/lookbeautiful_2017.key
7. Now apply the certificate in your application configuration.
About Manas Ranjan Tripathy
No comments