Fedora 15

One certificate with multiple domains (mail.vanarts.com,autodiscover.vanarts.com,exserver.vanarts.com) was created on Windows 2008 server. I want to apply it to Fedora Apache web server.

From Windows server,

mmc

Add/Remove Snap-in --Certificates --Computer

Select mail.vanarts.com certificate and export it with private key and other options and save as vanarts.pfx with strong password.

In Fedora 15 computer,

openssl pkcs12 -in vanarts.pfx -out vanarts.pem

You will be asked for the password for the PFX package. You will also be asked for a new strong password. The new strong password is used to encrypt the private key.

Separate vanarts.pem into two files:certificate and private key

gedit

Open vanarts.pem

Copy the private key portion into vanarts.key including the dash line

Copy the certificate portion into vanarts.crt including the dash line

download Godday CA bundle and save it to /etc/pki/tls/certs

gd_bundle.crt

Decrypt the private key

openssl rsa -in vanarts.key -out vanarts.key

You will be asked for password.

cp vanarts.key /etc/pki/tls/private

cp vanarts.crt /etc/pki/tls/certs

install certificate component

yum install mod_ssl

vi /etc/httpd/conf.d/ssl.conf

SSLCertificateKeyFile /etc/pki/tls/private/vanarts.key

SSLCertificateFile /etc/pki/tls/certs/vanarts.crt

SSLCertificateChainFile /etc/pki/tls/certs/gd_bundle.crt

Restart httpd

/sbin/service httpd restart

If you create the csr file from the linux computer, you don't need the export and import process. Just download the certificate file (crt) and the gd_bundle.crt.