SSL new cert generation

-

Below are steps for generating certificates in your Organization.

Private key generations using OpenSSL:

#openssl genrsa -out hostname.domain.com.key 2048


CSR generation using openssl:

#openssl req -new -key hostname.domain.com.key -out hostname.domain.com.csr -nodes -subj "/C=US/ST=Region/L=Location/O=Organization/OU=UNIT/CN=hostname.domain.com/emailAddress=support.help@domain.com" -reqexts SAN -config <(cat /etc/ssl/openssl.cnf <(printf "[SAN]\nsubjectAltName=DNS:hostname,DNS:hostname.domain.com,DNS:api.hostname.domain.com,DNS:storage.hostname.domain.com,DNS:tasks.hostname.domain.com"))


Acquire security certification from CA:

Security certificate needs to be provided by the cert admins. Work with AD Team Admins or one who supports certs in your Organization


NOTE: for most it ends here if you need pem or pfx file follow respective steps to generate keys 

#####################################################################################

To generate .pem key use below 

Create a .pem file using .crt and .pem keys

#cat hostname.domain.com.key hostname.domain.com.csr > hostname.domain.com.pem


To generate .PFX key use below 

Convert Security certificate file to PFX

Once the certificate file is provided by the cert admins, it needs to be converted to pfx (pkcs12) format to be successfully imported into IIS.

Use the following command from the location where the cert and key files are placed. presence of key files is mandatory for successful conversion.

pkcs12 conversion

#openssl pkcs12 -inkey hostname.domain.com.key -in hostname.domain.com.crt -export -out hostname.domain.com.pfx -name "hostname.domain.com_cert" -nodes -passout pass:

Comments

Post a Comment

Popular posts from this blog

AWS: Auto Scaling

-
Amazon Web Services (AWS) Auto Scaling is a service that allows you to automatically adjust the number of Amazon EC2 instances (virtual servers) in your AWS environment to handle changes in workload, traffic, or resource utilization. It helps you ensure that you have the right number of instances running at any given time to maintain application availability and performance while optimizing costs. Here's a breakdown of key concepts and how AWS Auto Scaling works: 1. Auto Scaling Groups (ASGs):   An Auto Scaling Group is a fundamental component of AWS Auto Scaling. It defines a collection of Amazon EC2 instances that share similar characteristics and are treated as a logical grouping for scaling purposes. Instances within an ASG are launched from the same Amazon Machine Image (AMI) and have the same configuration settings. 2. Scaling Policies: AWS Auto Scaling allows you to define scaling policies that specify when and how the Auto Scaling Group should scale. There are two prim...
Read more

Jenkins Pipeline

-
Introduction Jenkins, the popular open-source automation server, offers a powerful feature known as pipelines to streamline and automate your software development processes. Jenkins pipelines enable you to define, automate, and manage your entire software delivery workflow as code. In this blog post, we'll dive into the world of Jenkins pipelines, discussing what they are, their benefits, and how to create them effectively. What are Jenkins Pipelines? Jenkins pipelines are a set of instructions defined in code that specify how Jenkins should build, test, and deploy your software. They are designed to replace the traditional, point-and-click job configuration in Jenkins with a more structured and flexible approach. Pipelines can be defined using either Declarative or Scripted syntax, giving you the flexibility to choose the best fit for your project. Benefits of Jenkins Pipelines 1. Code as Configuration: Jenkins pipelines are defined as code, allowing you to version control your bu...
Read more

EC2-Instances-awscli

-
Launch instance: aws ec2 run-instances --image-id <value> --instance-type <value> --security-group-ids <value> --subnet-id <value> --key-name <value> --user-data <value> Terminate instances: aws ec2 terminate-instances --instance-ids <value> <value> 
Read more