Re: WebStar SSL -> Apache

• Subject: Re: WebStar SSL -> Apache
• From: Ezra <email@hidden>
• Date: Wed, 30 Apr 2003 00:35:24 -0400

Hmm, try this:

openssl asn1parse -inform DER -in <private-key> -i -offset 21 -out
newkey

This should generate a DER-encoded PKCS#8 key using your old keyfile.

Now:

openssl pkcs8 -in newkey -inform DER -outform PEM -out pemkey

This should convert the DER-encoded key to a PEM-encoded private key.
Then, try having Apache use the resultant "pemkey"...

(Note, this information has been munged by me, relying off a Google
search. I've no access to a WebStar-generated key to verify if this
will work.)

--Micahel

-----Original Message-----
From: Michael S. Fischer [mailto:email@hidden]
Sent: Tuesday, April 29, 2003 4:11 PM
To: 'Ezra'; 'email@hidden'
Subject: RE: WebStar SSL -> Apache


The certificate is a copy of your public key, signed with the
CA's private key. You won't be able to obtain your private
key from it (it's meant to be publicly distributed).

The contents of the key file should look like this:

-----BEGIN RSA PRIVATE KEY-----
[...]
-----END RSA PRIVATE KEY-----

The way to see if the private key file is compatible with Apache:

openssl rsa -in <key-file> -text

Sorry, but I don't know what you should do if they key file
is incompatible. Consider contacting the vendor and asking
how to get your key out in PEM format (as required by OpenSSL).

--Michael

-----Original Message-----
From: email@hidden
[mailto:email@hidden] On Behalf Of Ezra
Sent: Tuesday, April 29, 2003 3:27 PM
To: email@hidden
Subject: Re: WebStar SSL -> Apache


I issued the following command as suggested and I was able

to see the

certificate information. Therefore, I believe I should
probably find a
way to generate a private.key from either the original certificate
request or find a way to convert the private.key created by

webstar.

When using the original private.key with apache it

complains that it

was not found and when trying to start with a newly created
private.key
with exact same info as original, apache says its started but
I believe
dies right away.

I am going to spend a spend a couple of more hours trying to
fix it, if
not, I am just going to get a new certificate with a new

private key.

Thanks for all your help.

thanks,
Ezra

On Tuesday, April 29, 2003, at 03:22 PM, Michael S. Fischer wrote:

Depends on what the certificate looks like. If you can run this
successfully:

openssl x509 -in <certificate-file> -text

Then your certificate can be used with Apache's mod_ssl.

--Michael

-----Original Message-----
From: email@hidden
[mailto:email@hidden] On Behalf Of Ezra
Sent: Tuesday, April 29, 2003 11:45 AM
To: email@hidden
Subject: WebStar SSL -> Apache


Hi!

Would a verisign issued certificate for Webstar4 work with

apache? Is

there a way to convert a private key generated by WebStar4

to apache

(openssl & mod_ssl) private key. I do have the actual csr

generated

by WebStar4 ssl tool as well if that would be any helpful.

By the way, I find this group very helpful.

thanks,
Ezra
_______________________________________________
macos-x-server mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/ma> cos-x-server Do
not post admin requests to the list. They
will be ignored.

_______________________________________________
macos-x-server mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/ma> cos-x-server
Do
not post admin requests to the list. They
will be ignored.

• Prev by Date: Re: Security flaw... kindda!
• Next by Date: Workgroup Manager connection dead
• Previous by thread: RE: WebStar SSL -> Apache
• Next by thread: DNS Server Problems
• Index(es):
  • Date
  • Thread