Install p7b on apache - apache

I got one certificate from the service provider ( We need to consume the service from server for single sign on)
certificate is p7b format certificate.
Dont know how to install it on apache. Can anyone help to install certificate.
I got allready one certificate on apache, that is crt certificate.

p7b file contains one or several certificates (which supposedly make a certificate chain in your case) without private keys. There's no need to install them on your server - these certificates are used to check the server's authenticity when you connect to it as a client. This is unrelated to your apache.

Related

SSL Self Signed Certificate Error

I have installed SSL Certificate manually that I had brought from Godadday. It installed successfully but it shows self signed certificate which is not trusted or displays cross on https.
What is the solution ?
It is showing because it does not recognized the certificate that you get from Godaddy.
The CSR certificate has to upload on your site and make changes on apache config file.
Make sure your CSR file should not match with the private key that you submitted to verify your site.
Installing a SSL certificate requires some server administration knowhow, especially updating web server configuration.
DigitalOcean has a great tutorial on how to install a SSL certificate from GoDaddy: https://www.digitalocean.com/community/tutorials/how-to-install-an-ssl-certificate-from-a-commercial-certificate-authority#example-ca-2-godaddy
Maybe it helps.
To check if you installed it correctly, you can use Qualys SSL Server Test at https://www.ssllabs.com/ssltest/index.html

Installing the certificate chain in Tomcat - Jelastic

I'm using jelastic to run my application. When I run the sslchecker on the site, I get an error about You may need to install an Intermediate/chain certificate to link it to a trusted root certificate.
In the Jelastic Custom SSL configuration, I have added the intermediate certificate. I have 2 of those. How can I install both. Right now There is only a option of installing one intermediate certificate. But according to Comodo's installation instuctions I need to install both the certificates. How can I do that.
Usually root certificate is not needed because it already exists in all web browsers. But sometimes, in case when web-browser is not used for communication, the root certificate should be present. For example when java application communicates with another application or java-client using trusted connection.
In this case instead of intermediate certificate should be uploaded chain of intermediate+root certs.
It is very easy to merge 2 or more certs. Open two intermediate certs using text editor. Copy root cert and past it to end of intermediate as on screenshot.

SSL certificate installation issue

After changing ssl certificate authority from Thawte to DigiCert.
SSL certificate installation issue.
After installing new DigiCert ssl certificate in our server. It is still referring to old Thawte ssl certificate even though we removed old certificate from the server.
Looks like you have another vhost file using the old certificate , please remove that from your . Also make sure you properly restart apache after adding the new certificate .
To check your installation you can use the tool below
Thawte certificate checker
To see what certificate you are using, you can use the following tool Tool
This tool will allow you to check what certificate is installed on your server. Then, you can use the utility tool utility tool
You will be able to see all of the certs from your local machine or server. If you don't see the certificate there, you can import your certificate with that tool. If the utility tool mentions that your private key doesn't match, you will have to recreate the CSR with the utility tool and you will have to reissue your cert. If you reissue your cert, you will not invalidate the original request.

SSL certificate in Directadmin not working

I'm trying to install a Comodo SSL certificate on a shared server, which has directadmin installed. I have assigned the user an unique ip address, made the CSR request and uploaded the certificate.
In directadmin I get the response that both the certificate and private key are saved. Unfortunately, when I browse to the https://www.domain.com I get a SSL error, saying that the certificate is untrusted, because it is self-signed.
I'm confused why this error occurs. It seems to me that I followed the correct steps to install the Comodo ssl certificate. I also tried deleting the private key and certificate through the command line on the server. But this does not seem to resolve the error.
What direction should I be looking into solving this issue?
Check if you installed the intermediate certificate. You have to list one or more intermediate certificates in the field for your public key.
You can also use the GlobalSign OneClickSSL plugin for DirectAdmin and let the plugin do everything for you automatically.
See: https://www.globalsign.com/ssl/oneclickssl/directadmin/
And: http://www.youtube.com/#/watch?v=tVP9i6Ing1M

Using self-signed certificates with keytool for development purposes

When generating a self-signed certificate using keytool, can I use an IP address for the Common Name?
Once I generated the certificate, I exported it so I can install it in my clients/browsers. In Windows, I ran mmc.exe and added it as a Trusted Root Certificate Authority.
However, when I navigate to the IP address in my browser, it is still an untrusted connection. I ensured Tomcat had all the correct Connector settings.
Am I doing this correctly? do I need to be my own CA? How can I use SSL for development purposes? I'm still trying to understand SSL completely.
First question: if you'll be connecting by IP, then yes.
Second question: No, you don't install your self-signed certificate as CA, you just add exception when your browser warns you that it's self-signed.
You can set up CA — you generate root certificate first, install it in the client, and then generate CSR and then server certificate from it (see e.g. this), but for development purposes this is a complete waste of time.