...
Type the name of the CA → "Add"
...
Yarnman SSL Certificates
Configuring Intermediate Certificates
Typical format for standard SSL.
/opt/yarnlab/yarnman/config
ssl-cert.cert - Standard certificate sent to clients
ssl-key.pem - Private key file for checking response
In order to enable intermediate certificates we must create new folder in /config.
| Code Block |
|---|
~/config
/ca
1-name.crt
2-name.crt
3-name.crt |
The /ca folder contains the intermediate certificates that will be loaded in order. The easiest way to achieve this is to use the naming conventions 1-, 2- etc. Each certificate must end in .crt in order to be loaded.
Once the folder is created and at least one certificate is added in the format indicated the services on the node must be restarted.
Generate CSR
To acquire a new certificate you must generate a CSR (Certificate Signing Request). This may be done initially after creating private key or when a certificate expires
Certificate Locations /opt/yarnlab/yarnman/config
/ssl-cert.cert - Standard certificate sent to clients
/ssl-key.pem - Private key file for checking response
Open ssh session to server – go to /opt/yarnlab/yarnman/config
To generate CSR
Open Editor 'nano cert.cnf'
In the editor – complete following info
...