This discussion is archived
3 Replies Latest reply: Feb 21, 2012 9:14 AM by 838745 RSS

Installing SSL certificate

838745 Newbie
Currently Being Moderated
Hello,

I am trying to install a new signed certificate but having hard time. Any suggestion would be appreciated.


I created a new SCR by using:

#Tarantella security certrequest –country “US” –State “California” –orgname “University of California Irvine” –locality “Orange” –Keylength 2048

Sent SCR to supported authority and got the certificate back. I have copy this certificate in root. So far so good, but problem is that I can’t install it.

If I use

#Tarantella security certuse

After initial warning I copy the content of certificate, hit <ENTER> and then Ctrl+D but I get error claiming that: Not a valid certificate

If use:

#Tarantella security certuse < /root/myResearch.p7b

I get following repeating error:

Are you sure you want to overwrite it? [no]

And then in the end of this repeating statement the last sentence says: Not a valid certificate.

What am I doing wrong?

Thanks.

Habib.
  • 1. Re: Installing SSL certificate
    user12629685 Explorer
    Currently Being Moderated
    From tarantella security certuse --help

    Certificates must be Base 64-encoded PEM-format, with a header line
    including "BEGIN CERTIFICATE", as used by OpenSSL.

    It looks like you have been given a certificate in a different format, PKCS#7 (p7b). You could request a new certificate from the CA in PEM format or try to convert the one you have. I do not think SGD supports that conversion, but there are tools to convert certificate formats on the web.
  • 2. Re: Installing SSL certificate
    838745 Newbie
    Currently Being Moderated
    i am not sure about PEM format. I am trying to find answer from security team. however, in the mean time I got the new certificate in base 64-format with cer extension. I used following command:

    tarantella security certuse --certfile /opt/var/tps/myresearch2012-base64.cer

    It gives warning that 'A key file already exists for this server. Are you sure you want to overwrite it ?' If say yes it returns 'The certificate file doesn't exist'.

    Any other suggestion?

    Thanks.
  • 3. Re: Installing SSL certificate
    838745 Newbie
    Currently Being Moderated
    That's what it worked for me.

    tarantella security certuse certfile /opt/tarantella/var/tsp/myresearch-2012-base64.cer keyfile /opt/tarantella/var/tsp/key.pending.pem

    Thanks.

    Habib.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points