fachinformatiker-wiki

it's easy when it's here

User Tools

Site Tools

Trace:
linux:verschluesselung:openssl

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
linux:verschluesselung:openssl [2025/03/19 19:14] gsyslinux:verschluesselung:openssl [2025/05/06 11:48] (current) gsys
Line 73: Line 73:
 ===== Zertifikate konvertieren ===== ===== Zertifikate konvertieren =====
  
-==== Reihenfolge in Bundles ==== +==== Reihenfolge einer Chain ==== 
 +Optimal:
 <code> <code>
 -----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
Line 86: Line 86:
 -----END CERTIFICATE----- -----END CERTIFICATE-----
 </code> </code>
-Unnötig da in Browser/OS Cert store bereits enthalten:+Unnötig da Root in Browser/OS Cert store bereits enthalten:
 <code> <code>
 +-----BEGIN CERTIFICATE-----
 +[Server Certificate]
 +-----END CERTIFICATE-----
 +-----BEGIN CERTIFICATE-----
 +[Intermediate certificate L1]
 +-----END CERTIFICATE-----
 +-----BEGIN CERTIFICATE-----
 +[Intermediate certificate L2]
 +-----END CERTIFICATE-----
 -----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
 [Root Certificate] [Root Certificate]
 -----END CERTIFICATE----- -----END CERTIFICATE-----
 </code> </code>
 +https://success.qualys.com/support/s/article/000005824 \\
 +https://success.qualys.com/support/s/article/000003197
  
 ==== Befehle ==== ==== Befehle ====
Line 109: Line 120:
 openssl x509 -inform der -in certificate.cer -out certificate.pem                  #der in pem openssl x509 -inform der -in certificate.cer -out certificate.pem                  #der in pem
 openssl pkcs7 -inform der -in cacert.p7b -out cacert.pem                           #p7p in pem openssl pkcs7 -inform der -in cacert.p7b -out cacert.pem                           #p7p in pem
 +</code>
 +
 +Permissions
 +<code>
 +chmod 700 private                                                                  #private key folder
 +chmod 600 private.key                                                              #private key
 +chmod 755 certs                                                                    #public certs folder
 +chmod 644 cert.pem                                                                 #public key file
 </code> </code>
  
linux/verschluesselung/openssl.1742408045.txt.gz · Last modified: 2025/03/19 19:14 by gsys