I will try to keep this short and to the point.
If you work in a Windows/Linux mixed environment, you may come across a scenario where you need to move SSL certificates and private keys from a Windows server using IIS to Linux running Apache or similar.
Windows and Linux tend to use two different key formats and this can make things tricky. Today I want to briefly write down/share the commands you can run using the OpenSSL framework to convert a Windows PFX formatted exported certificate into something Apache can use. (more…)
I have been doing a bit of cleaning house lately and have no less than 7 old hard drives sitting in my office. So I had a few questions to answer. First… are they usable? Second, if they aren’t, how can I securely dispose of them? (more…)
I have been using powershell to automate Internet Explorer interactions with a web application with a login page in our internal environment at work. I ran into an issue with my script because the page I was trying to access was secured with SSL and we were using a self-signed certificate. This causes Internet Explorer to redirect to a warning page rather than going straight to the site. I needed a way to bypass this warning page in code and I finally came up with a solution I am sharing here.
Normally I dive into articles like this with an assumption that people know everything I am talking about. This will be a bit different because on this topic I feel pretty green myself. As this is a fresh subject for me, I am going to treat it as a fresh subject for you. That being said, we are actually going to be working with a somewhat complex script by the time we are done and if you pickup most of the concepts along the way you are going to be off at a sprint with Powershell scripting.
In this article, let us review how to generate private key file (server.key), certificate signing request file (server.csr) and webserver certificate file (server.crt) that can be used on Apache server with mod_ssl.
Source: How To Generate SSL Key, CSR and Self Signed Certificate For Apache
The above linked article is an excellent overview that is right to the point for generating SSL keys on a linux server. The instructions include generating a CSR (certificate signing request) that can be sent to a third-party cert authority to get yourself a full-fledged certificate file in addition to instructions on generating a self-signed certificate (often used for testing but handy for a myriad of other things…)
I would also recommend you take a look at this link if you need to generate a key without a passphrase: http://serverfault.com/questions/366372/is-it-possible-to-generate-rsa-key-without-pass-phrase