Changes between Version 8 and Version 9 of mosh-x509
- Timestamp:
- May 3, 2012, 12:14:22 PM (9 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
mosh-x509
v8 v9 13 13 On a new server, puppet will generate a 2048-bit RSA key as /etc/ssl/private/HOST.mayfirst.org.uncertified.key and /etc/ssl/HOST.mayfirst.org.csr. In addition /etc/ssl/HOST.mayfirst.org.crt is created as a symlink to /etc/ssl/cert/ssl-cert-snakeoil.pem and /etc/ssl/private/HOST.mayfirst.org.pem is a symlink to /etc/ssl/private/ssl-cert-snakeoil.key. These symlinks are created to ensure that services that rely on them are properly started. 14 14 15 A sysadmin is required to submit the CSR to rapidssl.com (or another member of the CA cartel). Once the sysadmin has the certificate, s/he should replace the symlinked files with the appropriate files:15 A sysadmin is required to submit the CSR to cheapssls.com (or another member of the CA cartel). Choose {{{domain@mayfirst.org}}} for the confirmation email and {{{info@mayfirst.org}}} for the email address identified with the certificate. Please choose to use RapidSSL (there are many options for X509 certificate providers on this site). Once the sysadmin has the certificate, s/he should replace the symlinked files with the appropriate files: 16 16 * replace the /etc/ssl/HOST.mayfirst.org.crt symlink with a file containing the actual certificate and any intermediary certificates 17 17 * delete the /etc/ssl/private/HOST.mayfirst.org.pem symlink
