-->
  • Recent Articles

    How to install PFX certificate in Linux and without PEM Passphrase

    How to install PFX certificate in Linux and without PEM Passphrase


    You must be Annoyed seeing the certificate error in web browser for some websites.
    Here we'll discuss how we can install .pfx certificate in Linux and use them in an application.
    If you use these certificate in Apache and you have not removed from passphrase from .PEM Certificate then you need to key-in the passphrase every time restart Apache. So we'll learn how to remove the passphrase from .PEM certificate.

    1. Send in the .pfx certificate to Linux Server.
    2. Change the .pfx certificate to .pem Certificate.

    [root@example local_cert]# openssl pkcs12 -in /tmp/lookbeautiful.local-3.pfx -clcerts -nokeys -out /etc/pound2/local_cert/lookbeautiful_2017.pem
    Enter Import Password:
    MAC verified OK

    3. Create the PRIVATE key 
    [root@example local_cert]# openssl pkcs12 -in /tmp/lookbeautiful.local-3.pfx -nocerts -nodes  -out /etc/pound2/local_cert/lookbeautiful_2017.key
    Enter Import Password:
    MAC verified OK
    [root@example local_cert]#

    4. Now copy the Private key and paste it in /etc/pound2/local_cert/lookbeautiful_2017.pem  at the end.
    -----BEGIN RSA PRIVATE KEY-----
    -----END RSA PRIVATE KEY-----

    5. You can check the certificate details by following Command.
    openssl x509 -in /etc/pound2/local_cert/lookbeautiful_2017.pem -text -noout

    6. You can verify the certificate.

    openssl verify /etc/pound2/local_cert/lookbeautiful_2017.key

    7.  Now apply the certificate in your application configuration.

    No comments