Cannot install a CA certificate

Discussion in 'Installation/Configuration' started by icompany, Jan 11, 2010.

  1. icompany

    icompany New Member

    Hello,

    CAn someone help me on how to install a certificate from certiifcate provider , first time setting up. I followed the instructions from the godaddy site created csr file , copied the .csr data to the godaddy site, they created my certiifcate but I am unable to install . says the key file does not match or error cannot find key file. 6 hours checking settings re downloading same error. Works fine with self signed certificate . Not sure if I.m using the right key file to generate the csr file or where I should be looking for this . Is it feasible to create a whole new key file and start from scratch? How can I create a server key file? Very lost at this point. below are the instructs they reference .

    Using suse 11.2 , apache2 , mod_ssl, openssl

    Code:
    :/usr/bin # openssl genrsa -des3 -out /etc/ssl/servercerts/serverkey.pem 2048
    Generating RSA private key, 2048 bit long modulus
    ..................................+++
    ......................+++
    e is 65537 (0x10001)
    Enter pass phrase for /etc/ssl/servercerts/serverkey.pem:
    Verifying - Enter pass phrase for /etc/ssl/servercerts/serverkey.pem:
    :/usr/bin # openssl req -new -key /etc/ssl/servercerts/serverkey.pem -out /etc/ssl/servercerts/cacert.csr
    Enter pass phrase for /etc/ssl/servercerts/serverkey.pem:
    You are about to be asked to enter information that will be incorporated
    into your certificate request.
    What you are about to enter is what is called a Distinguished Name or a DN.
    There are quite a few fields but you can leave some blank
    For some fields there will be a default value,
    If you enter '.', the field will be left blank.
    -----
    Country Name (2 letter code) [AU]:US
    State or Province Name (full name) [Some-State]:
    Locality Name (eg, city) []:
    Organization Name (eg, company) [Internet Widgits Pty Ltd]:
    Organizational Unit Name (eg, section) []: 
    Common Name (eg, YOUR name) []:www.example.com
    Email Address []:support_info@example.com
    
    Please enter the following 'extra' attributes
    to be sent with your certificate request
    A challenge password []:
    An optional company name []:
    :/usr/bin # 
    
    
     
    Last edited: Jan 11, 2010
  2. RacyJulison

    RacyJulison New Member

    Where to Buy Acai Berry

    The IntermediateCA1 must be a workgroup member because it is not connected with the network and has no connectivity to a domain controller. It is also important to ensure that the computer name of this server is unique in the organization's network
     

Share This Page