SSL証明書の更新

Apache+mod_ssl用のSSL証明書更新

  1. pkcs#12の内容確認
    openssl pkcs12 -noout -info -in hogehoge.pfx
  2. 証明書を取り出す
    openssl pkcs12 -clcerts -nokeys -in hogehoge.pfx -out ./SSLCertificateFile.cer
  3. 秘密鍵を取り出す(暗号化無し)
    openssl pkcs12 -nocerts -nodes -in hogehoge.pfx -out ./SSLCertificateKeyFile.nodes.key
  4. 中間CA証明書を取り出す
    openssl pkcs12 -cacerts -nokeys -in hogehoge.pfx -out ./SSLCertificateChainFile.cer
  • ssl.conf設定
    SSLCertificateChainFile /home/hogehoge/keys/SSLCertificateChainFile.cer
    SSLCertificateFile /home/hogehoge/keys/SSLCertificateFile.cer
    SSLCertificateKeyFile /home/hogehoge/keys/SSLCertificateKeyFile.nodes.key

Ref: http://qiita.com/dumpty-alma@github/items/fc0b7f8aa3146651b090

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: