Install CA certificate for application in Red Hat

Post author:admin
Post published:April 16, 2018
Post category:IT / RedHat

Create a directory under an app/site in Red Hat server
/path/cert
Download a root CA certificate and copy to the above folder. Check the certificate expiration
openssl x509 -text -noout -in certnew.cer
Create a new keystore
keytool -genkey -lias NAME -keyalg RSA -keystore NAME.jksls /path/cert should show the above two files
certnew.cer
NAME.jks
Generate CSR for SAN certificate
keytool -certreq -keylag RSA alias NAME -file site.cer -keystore NAME.jks -ext SAN=dns:site.abc.com,dns:abc.com
Use CA to generate certificate by copying the content of site.csr to the certificate request. Download the certificate. I saved it as site.abc.com.cer
Import root certificate certnew.cer into key store
keytool -import -alias root -keystore NAME.jks -trustcacerts -file certnew.cer
Import the site certificate from 5 above
keytool -import -alias NAME -keystore NAME.jks -trustcacerts -file site.abc.com.cer
List the content of the keystore and it should now contain the root certificate and the site certificate
keytool -list -keystore NAME.jks

Note: Make sure to add the relative path to the new keystore file in your application configuration file

site.config
[httpd]

/home/path/cert/NAME.jks

I am a goal-oriented Infrastructure System Engineer and Information System Security Officer with over 10 years’ of experience in planning and implementation of network, servers, virtualization and security technologies . Background includes hands-on experience with multi-platform, LAN/WAN environments, assessing and implementation of security controls in using ODAA and RMF guidance. Demonstrated record of success in migrating, troubleshooting Servers and increasing efficiency.

You Might Also Like

Domain Admin Accounts locked out of DCs after implementing GPO

Nessus Findings: SQL Server Using Self-signed Certificate And SHA-1

VMware vCenter Upgrade: Error “No space left on device”