Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
cloudappliance/createcsr [2018_05_17 00:16] – Add link for smeconfigserver dougcloudappliance:createcsr [2024_03_18 19:54] steven
Line 3: Line 3:
 Log in as smeconfiguser then become root Log in as smeconfiguser then become root
  
-    openssl req -new -newkey rsa:2048 -nodes -out my_fqdn.com.csr -keyout my_fqdn.com.key -subj "/C=US/ST=MyState/L=MyCity/O=MyOrganization/OU=MyOrganizationalUnit/CN=my.fqdn.com"+Generate a config file we'll use, update the <server fqdn> with the URL you'd like to use for access.  
 +     
 +vim san.cnf 
 +     
 +    [ req ] 
 +    default_bits       = 2048 
 +    distinguished_name = req_distinguished_name 
 +    req_extensions     = req_ext 
 +    [ req_distinguished_name ]  
 +    countryName                 = Country Name (2 letter code) 
 +    stateOrProvinceName         = State or Province Name (full name) 
 +    localityName               = Locality Name (eg, city) 
 +    organizationName           = Organization Name (eg, company) 
 +    commonName                 = Common Name (POC Server FQDN) 
 +    [ req_ext ] 
 +    subjectAltName = @alt_names 
 +    [alt_names] 
 +    DNS.1   = <server fqdn> 
 + 
 +Next we'll use this config file and generate a key and csr, please fill out the releavnt locality info during this setup:  
 +   openssl req -out server.csr -newkey rsa:2048 -nodes -keyout private.key -config san.cnf
  
 This will generate 2 files: This will generate 2 files:
    
-    my_fqdn.com.key +    private.key 
-    my_fqdn.com.csr+    server.csr
  
-Copy the file my_fqdn.com.key to the private certs folder+Copy the file private.key to the private certs folder
  
-    cp my_fqdn.com.key /etc/pki/tls/private/+    cp private.key /etc/pki/tls/private/
  
 Ensure the file is in the proper location before deleting it: Ensure the file is in the proper location before deleting it:
  
-    cat /etc/pki/tls/private/my_fqdn.com.key+    cat /etc/pki/tls/private/private.key
  
-    rm my_fqdn.com.key+    rm private.key
  
 Send the CSR to the Certificate Authority of choice Send the CSR to the Certificate Authority of choice
  
-    cat my_fqdn.com.csr+    cat  server.csr
  
 The certificate authority will reply with a signed public key and intermediary certs. The certificate authority will reply with a signed public key and intermediary certs.
-These can be uploaded to the File Fabric when configuring via smeconfigserver. + 
-https://docs.storagemadeeasy.com/cloudappliance/applinstallv1705?s[]=smeconfigserver#ssl_certificates_recommended_+ 
© Copyright 2024 Nasuni.