Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
help:technical:sslcerts [2015/11/24 20:13]
rubin 		help:technical:sslcerts [2016/01/26 11:43] (current)
rubin
Line 11: Line 11:
 Then you decrypt the key: Then you decrypt the key:
   openssl rsa -in ssl.key -out ssl.key   openssl rsa -in ssl.key -out ssl.key
-   
-Then they must be combined into a .pem file: 
  
-  <del>cat server.key server.crt startcom-ca-bundle.pem startcom-ca.pem > ircd.pem</del>+Startcom sends you a zip with other zips in it. We want ApacheServer.zip, extract the 2 files from it and then do this: 
 +  cat server.key 2_server.crt 1_root_bundle.crt > ircd.pem
      
-  cat server.key startcom-sub.class2.server.ca.pem > ircd.pem+   
 +====== Lessons Learned ====== 
 +  * gnutls defaults to accepting only 16 intermediary certs, and the startcom intermediary bundle has 18, so it breaksWe really only need the one class2 sub cert, so we switched to that. 
 +  * The ca cert is not needed and causes a warning (self signed certificate in chain) in some cases, so removed that. 
 + 
  

Page Tools