Certificate
  • 01 Mar 2022
  • 1 Minute to read
  • Dark
    Light

Certificate

  • Dark
    Light

Article summary

Legal Warning

Specifications, details, statements, and information in this manual are subject to change without any notice. All the information provided, procedures shared, or statements listed below are for Tegsoft technical experts only. Using this manual without Tegsoft Technical qualification should be avoided. Tegsoft has no obligation over the result of the application on any use. Some statements may not be suitable for use; avoiding without technical qualification may be crucial. Users must take full responsibility for performing any steps part of this manual. Users who are not aware of the technical terms and operations described here; should be aware that this document may not be suitable for their usage.

 

Changes to This Document

DateChange Summary
2020-09-02Initial release of the document.

 

 

 

Preface

This document explains how to manage and convert certificates. The preface for Certificate Management contains the following sections:

  • Certificate Verification
  • Converting Files
  • Common Errors

 

Obtaining Documentation

Tegsoft documentation and additional literature are available on Tegsoft Knowledge Base. This section explains the product documentation resources that Tegsoft offers.

Tegsoft Knowledge Base

You can access the most current Tegsoft documentation at this URL:

https://tegsoft.com/knowledge-base/

 

Prerequisites

  • You must have basic knowledge of networking
  • You must have basic knowledge of SSH connection
  • You must have basic skills in Linux Command Line Interface

 

Avoiding Override


Overriding default certificate files
When using /certificates folder and certificate. XXX files Tegsoft will override those files when booting. It is important to run below command to disable Tegsoft certificate overriding.

cd /certificates/
echo 1 > /root/custom_certificates

NOTE: Run all these commands in this document under /certificates path.

 

Converting Files

 

Converting PFX to KEY File
openssl pkcs12 -in yourfile.pfx -clcerts -nokeys -out certificate.crt

Enter Import Password:ENTER_PASSWORD

MAC verified OK

openssl pkcs12 -in yourfile.pfx -nocerts -out certificate-tmp.key

Enter Import Password:ENTER_PASSWORD

MAC verified OK

 

Enter PEM pass phrase: tegsoft123

Verifying - Enter PEM pass phrase: tegsoft123

 

openssl rsa -in certificate-tmp.key -out certificate.key


Enter passphrase for certificate-tmp.key: tegsoft123

writing RSA key


Converting CRT to PFX File
openssl pkcs12 -export -out certificate.pfx -inkey certificate.key -in certificate.crt -certfile bundle.crt

 

Converting KEY to 8 Bit KEY File
openssl pkcs8 -topk8 -inform PEM -outform DER -in certificate.key -nocrypt > certificate8.key

 

Converting CER to PEM File
openssl x509 -inform der -in certificate.cer -out certificate.pem

 

Converting CRT to PEM File
openssl x509 -in certificate.crt -out certificate.pem -outform PEM

 

 

Certificate Verification
openssl verify -verbose certificate.crt

Key Verification
openssl rsa -noout -modulus -in certificate.key | openssl md5

Key - Certificate Matching
openssl pkey -in certificate.key -pubout -outform pem | sha256sum
openssl x509 -in certificate.crt -pubkey -noout -outform pem | sha256sum
openssl x509 -in certificate.crt -text -noout

Restarting httpd Service


service restart httpd

or

systemctl restart httpd



Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.