[[http://tmade.de|Home tmade.de]]

[[http://wiki.tmade.de|Home Wiki]]

===== Certificate =====

====Apache====

https://tmade.de/wiki/doku.php?id=server:apache#convert_certificate

https://tmade.de/wiki/doku.php?id=server:apache#creating_a_certificate_request

https://tmade.de/wiki/doku.php?id=server:apache#creating_a_certificate_request_rsa_or_dsa


====Tomcat====

https://tmade.de/wiki/doku.php?id=server:tomcat&s[]=%2Acert%2A#certificat_request

https://tmade.de/wiki/doku.php?id=server:tomcat&s[]=%2Acert%2A#certificat_conversion

==== Server Certificate ====

Server certificates are inside "/etc/ssl/certs". To add a new certificate, copy file inside this folder and:

  openssl x509 -hash -noout -in test-certificate.pem                                         #Show hash 
  ln -s test-certificate.pem `openssl x509 -hash -noout -in test-certificate.pem`.0          #Symlink hash to certificate

====Check====

  curl -v https://mydomain.com                                                    #check host/ https
  openssl s_client -connect localhost:5000 -servername mydomain.com               #check server response
  openssl x509 -noout -text -in mycert.crt                                        #check certificate
  openssl req -noout -text -in ssl-request.csr                                    #check certificate request (*.csr)
  
====Compare====
Check if my.key matches my.crt:

  openssl rsa –noout –modulus –in my.key | openssl md5
  openssl x509 –noout –modulus –in my.crt | openssl md5