Specifications

ManualsBrandsCoyote Point Systems ManualsHome AudioEqualizer

181

182

183

184

185

186

187

188

189

190

Preparing a Signed CA Certificate for Installation

Equalizer Installation and Administration Guide 177

Preparing a Signed CA Certificate for Installation

When you receive your signed certificate back from your CA, you’ll get one or more .pem files in

return, or you’ll get one or more mail messages from the CA. The files or messages contain your

signed certificate and any necessary intermediate certificates required by the CA’s chain of trust.

If you get your certificates in the mail, save each one to an ASCII text file with a .pem extension.

Make sure you use a text editor such as Notepad (Windows) or vi (Unix/Linux) to save the files as

text files.

Note that if you are using IIS, see the section “Using IIS with Equalizer” on page 182.

If you get only one certificate (the signed server certificate) from your CA, then:

1. Save it to a text file (e.g., servcert.pem for a server certificate, or clientcert.pem for a client

certificate).

2. Open a new text file and read both the signed certificate and your private key (in this order)

into the file. (The private key was created previously when you generated your CSR.) Save the

file as a plain text file. On a Unix system, like Equalizer, you can do this with a command like

one the following:

cat servcert.pem privkey.pem > clustercert.pem

cat clientcert.pem privkey.pem > clientprivcert.pem

Whatever method you use, the file should look like this when you are done:

-----BEGIN CERTIFICATE-----

...

-----END CERTIFICATE-----

-----BEGIN RSA PRIVATE KEY-----

...

-----END RSA PRIVATE KEY-----

Make sure you save the file as a plain text file.

3. Install the file into Equalizer as instructed in the section “Installing a Server or Client

Certificate for an HTTPS Cluster” on page 178.

If the CA uses chained root, or intermediate, certificates, then you’ll receive (or need to download

from the CA) more than one .pem file: the server certificate, plus any intermediate certificates

needed to establish the chain of trust back to a Root CA certificate installed on your web server or

client browser.

If you get more than one certificate (the signed server certificate plus one or more intermediate

certificates) from your CA, then:

1. Save each certificate to a separate text file (e.g., servcert.pem, intmcert.pem).

2. Open a new text file and read the signed certificate, your private key, and any intermediate

certificates (in this order) into the file. (Your private key was created previously, when you

generated the CSR.) Save the file as a plain text file. On a Unix system, like Equalizer, you can

do this with a command like one of the following:

cat servcert.pem privkey.pem intmcert.pem > clustercert.pem

cat clientcert.pem privkey.pem intmcert.pem > clientprivcert.pem

Whatever method you use, the file should look like this when you are done: