ISSUE
Use their self-generated certificates for the appliance
RESOLUTION
Prerequisites:
- Generated a Public/Private Key Pair and CSR
- Requested Certificate from CA Server
- Downloaded Certificate and Chain File to Appliance tmp folder
Follow the below steps after the above have been completed by the customer:
Place the 3 certificates generated into /backups/samba
Next
cd /backups/samba
Next we will need to convert the P7B chain into a cer file for apache
openssl pkcs7 -print_certs -in HOSTNAMEChain.p7b -out HOSTNAME.cer
**Should put you on the next line, no output provided**
Next we need to modify the ssl.conf
vi /etc/httpd/conf.d/ssl.conf
Modify to match the below entries. Find the top line of each and comment it out with a # and then add the 2nd line in. Do this for all 3 entries.
#SSLCertificateFile /etc/pki/tls/private/localhost.crt SSLCertificateFile /backups/samba/HOSTNAME-DR.crt #SSLCertificateKeyFile /etc/pki/tls/private/localhost.key SSLCertificateKeyFile /backups/samba/HOSTNAME.key #SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt SSLCertificateChainFile /backups/samba/HOSTNAME.cer
Save the file
service httpd restart
Check for success