| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
| SSL cert |
« View previous topic :: View next topic » |
| Author |
Message
|
| marcin.kasinski |
 Posted: Fri May 18, 2007 6:24 am Post subject: |
 |
|
Sentinel
Joined: 21 Dec 2004
Posts: 850
Location: Poland / Warsaw
|
| angka wrote: |
Hi,
Btw I am using self signed Cert. The Private and Public key is different from the previous one.
Thanks |
Why are you using self signed Cert. I would suggest using "standard" PKI, your cert-pair and CA which should sign your cert.
Have you red link above ?
Here you have another.
It describes how you can do it with openssl.
http://dev.riseup.net/grimoire/web-server/self-signed-certs/#renewing_certificates
_________________
Marcin |
|
| Back to top |
|
 |
| angka |
| Posted: Sun May 20, 2007 11:39 pm Post subject: |
|
|
Chevalier
Joined: 20 Sep 2005
Posts: 406
|
Hi,
Ya I read the link. However, the system already in production so it is not easy to change now. btw the openssl is not include in default MQ.. any idea how to add it in?
Thanks |
|
| Back to top |
|
|
| marcin.kasinski |
| Posted: Mon May 21, 2007 6:32 am Post subject: |
|
|
Sentinel
Joined: 21 Dec 2004
Posts: 850
Location: Poland / Warsaw
|
| angka wrote: |
Hi,
Ya I read the link. However, the system already in production so it is not easy to change now. btw the openssl is not include in default MQ.. any idea how to add it in?
Thanks |
Openssl is not include in default MQ.
It is different product.
Which product did you use to generate your sef-signed cert , ikeyman, keytool, ... ?
_________________
Marcin |
|
| Back to top |
|
|
| angka |
| Posted: Wed May 23, 2007 2:02 am Post subject: |
|
|
Chevalier
Joined: 20 Sep 2005
Posts: 406
|
Hi,
I am using ikeyman.
How to integrate openssl into ikeyman?
Thanks |
|
| Back to top |
|
|
| marcin.kasinski |
| Posted: Wed May 23, 2007 3:18 am Post subject: |
|
|
Sentinel
Joined: 21 Dec 2004
Posts: 850
Location: Poland / Warsaw
|
| angka wrote: |
Hi,
I am using ikeyman.
How to integrate openssl into ikeyman?
Thanks |
You have to export self signed cert and import it into openssl.
Then follow this instruction except first openssl command.
http://www.togaware.com/linux/survivor/Renew_SSL.html
Without testing :
openssl req -new -key togaware.com.key -out togaware.com.csr
# openssl x509 -req -days 365 -in togaware.com.csr \
-signkey togaware.com.key -out togaware.com.crt
# mv apache.pem apache.pem.old
# cp togaware.com.key apache.pem
# cat togaware.com.crt >> apache.pem
# chmod 600 apache.pem
Then convert this cert into pkcs12 and import to your kdb keystore.
Please test it on DEV environment.
_________________
Marcin |
|
| Back to top |
|
|
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
