Friday, December 4, 2020

Convert a SSL certificate from crt to PFX (GoDaddy)

When you're creating a .pfx, you'll need a copy of the private key from your server, as well as the .crt file that you downloaded from GoDaddy.

When you download certificates from Go daddy portal you will get files something like this

 

Rename files  first Main root certificates as Certificate.crt and other gd file which is intermediate file as supporting more file.

You can use OpenSSL commands in command line to create the PFX, I'm including a sample below:

openssl pkcs12 -export -out certificate.pfx -inkey generated-private-key.txt -in certificate.crt -certfile more.crt

This will create a certificate.pfx file from your private key, as well as the .crt you downloaded.

You'll just need to make sure that you update the names in the sample code above to match your certificate/private key information.

user@server:~$ cd Certs_Apache /

user@server:~/ Certs_Apache$ openssl pkcs12 -export -out certificate.pfx -inkey generated-private-key.txt -in certificate.crt -certfile more.crt

unable to load private key

140238327080608:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: ANY PRIVATE KEY

When you convert the cert by using the openssl you can get the above error sometime

For above error solution is to check the .key file encoding.

Carry out the following steps: open the .key file with Visual Studio Code or Notepad++ and verify that the .key file has UTF-8 encoding. In my case, the file had UTF-8 with BOM encoding, so I saved the file with just UTF-8, and then tried the conversion again:

In addition, make sure that .key file has a valid scheme:

-----BEGIN PRIVATE KEY-----

Cipher here

-----END PRIVATE KEY-----

user@server:~/Certs_Apache$ openssl pkcs12 -export -out certificate.pfx -inkey generated-private-key.txt -in certificate.crt -certfile more.crt

Enter Export Password:

Verifying - Enter Export Password:

user@server:~/ Certs_Apache $

It will prompt for password for pfx file which needs to provide for verification. Which is required while importing certificate.

 
Posted by Sanjay Gurav at 5:04 AM 0 comments
Labels: , , ,

Tuesday, November 10, 2020

Create Local YUM Repository with DVD in RHEL 7

Create Source

Mount the CD/DVD ROM on any directory of your wish. For testing, mount it on /cdrom.

#mkdir /cdrom

#mount /dev/cdrom /cdrom

Create Repo file

Before creating a repo file, move your existing repo files present in /etc/yum.repos.d directory, if not required.

#mv /etc/yum.repos.d/*.repo /tmp/

Create the new repo file called cdrom.repo under /etc/repos.d directory.

#vi /etc/yum.repos.d/local.repo

Add the following details.

[LocalRepo]

name=LocalRepository

baseurl=file:///cdrom

enabled=1

gpgcheck=1

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

Where,

[LocalRepo] = Repository Name which will be displayed during package installation

name = Name of the repository

baseurl = Location of the package

Enabled = Enable repository

gpgcheck = Enable secure installation

gpgkey = Location of the key

gpgcheck is optional (If you set gpgcheck=0, there is no need to mention gpgkey)

Install Package from Local DVD YUM repository

Clear the repository cache by issuing the following command.

#yum clean all

Let’s install the vsftpd package from the local repository.

#yum install vsftpd

 
Posted by Sanjay Gurav at 11:35 AM 0 comments
Labels:

How to mount CD/DVD ROM on CentOS / RHEL Linux

System

CentOS 6/7/8, RHEL 6/7/8

How to mount CD/DVD ROM on CentOS / RHEL Linux step by step instructions

Locate CD/DVD block device: First we need to find a correct CD/DVD block device. To do this execute a command blkid as root user: 

# blkid 
/dev/sda1: UUID="d9704e79-b05e-4c9d-b94a-09643ba70592" TYPE="xfs" PARTUUID="83288aa1-01"
/dev/sda2: UUID="21291424-9d73-4c7e-b039-ce311702c75f" TYPE="swap" PARTUUID="83288aa1-02"
/dev/sr0: UUID="2019-08-15-21-52-52-00" LABEL="CentOS-8-BaseOS-x86_64" TYPE="iso9660" PTUUID="3e04f576" PTTYPE="dos"

Take a note of the relevant block device eg. /dev/sr0 and optionally also take a note of the shown UUID 2019-08-15-21-52-52-00.

Create Mount Point:
Mount point will be a directory where you wish to mount your CD/DVD drive. It can be any arbitrary directory. For example in this case we will be using /media/iso as a directory mount point: 

# mkdir /media/iso

Mount CD/DVD:
We are now ready to mount CD/DVD by using the mount command: 

# mount /dev/sr0 /media/iso/
mount: /media/iso: WARNING: device write-protected, mounted read-only.

At this point you should be able to access all files on your CD/DVD drive: 

   $ ls /media/iso/
   AppStream  BaseOS  EFI  images  isolinux  media.repo  TRANS.TBL

Permanent CD/DVD mount:

To mount your drive permanently edit /etc/fstab by adding the following line. Change UUID and mount point to fit your environment: 

UUID=2019-08-15-21-52-52-00             /media/iso                iso9660 ro,user,auto  0 0

Once ready mount the CD/DVD by: 

   # mount /media/iso/
Posted by Sanjay Gurav at 1:49 AM 0 comments
Labels:
Subscribe to: Posts (Atom)