100. Add SSL certificates to Servers
- Sharmendra Vishwakarma
- Gaurav (Unlicensed)
1. Physical Server Certificate Import
1.1 Login into any of the servers and generate the csr file using the following commands
openssl req –new –newkey rsa:2048 –nodes –keyout server.key –out server.csr
provide the following details on prompt
Name | Value |
|---|---|
Domain | *.empyra.com |
Locality | Irving |
Organization | empyra |
Organization Unit | empyra |
State | TX |
Country | US |
sysadmin@empyra.com |
1.2 Share the server.csr file with the IT support team(Possibly Vinayak)
1.3 It support team will share the ssl certificate having root, intermediate and ssl certificate bundled in one file(bundle.crt)
1.4 import the bundle.crt file into MMC (personal section and trusted certificate section)
2. Configure the SSL in nginx
2.1 goto the nginx.conf file and put the following lines in the server section
ssl_certificate /etc/bundle.crt;ssl_certificate_key /etc/rsa_domain.rsa;
Note : Make sure to copy the bundle.crt and server.key to the etc folder
2.2 rename server.key to rsa_domain.rsa
2.3 reboot the physical server
3. Configure SSL in node application server if Nginx is not present
3.1 goto app.js file in the nodejs application and put the following lines as options for https server
var options = { cert: fs.readFileSync("./cer/bundle.crt"), key: fs.readFileSync("./cer/rsa_domain.rsa"),};
Note : Make sure to copy the bundle.crt and server.key to the cer folder
3.2 reboot the node application server