NetTalk Central
Toggle navigation
Login
Register
×
Welcome,Guest
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
NetTalk Central
»
NetTalk Web Server
»
Web Server - Ask For Help
»
Third party certificates - PEM encoded options
« previous
next »
Print
Pages: [
1
]
Author
Topic: Third party certificates - PEM encoded options (Read 5894 times)
CaseyR
Sr. Member
Posts: 448
Third party certificates - PEM encoded options
«
on:
February 04, 2020, 12:37:07 PM »
Hi, Bruce
One of our clients is part of a bulk acquisition arrangement for certificates. He has received the following for his certificate. This will likely be a common issue for our clients, so I would like to be able to provide specific instructions both for the certificate option and pem decoding. All identifying information has been redacted ... .
Much appreciated. Thanks
---------------------------------------------------------------------------------------------------------
You have successfully enrolled for an InCommon SSL certificate.
You now need to complete the following steps:
* Click the following link to download your SSL certificate (generally try to use a version that includes intermediates & root or your certificate may be rejected by some older clients)
Format(s) most suitable for your server software:
as Certificate only, PEM encoded:
https://cert-manager.com/customer/InCommon/ssl?action=download&sslId=....&format=x509IO
as Root/Intermediate(s) only, PEM encoded:
https://cert-manager.com/customer/InCommon/ssl?action=download&sslId=....&format=x509IO
as Intermediate(s)/Root only, PEM encoded:
https://cert-manager.com/customer/InCommon/ssl?action=download&sslId=...&format=x509IOR
Other available formats:
as Certificate (w/ chain), PEM encoded:
https://cert-manager.com/customer/InCommon/ssl?action=download&sslId=...&format=x509
as PKCS#7, PEM encoded:
https://cert-manager.com/customer/InCommon/ssl?action=download&sslId=...&format=base64
as PKCS#7:
https://cert-manager.com/customer/InCommon/ssl?action=download&sslId=....&format=bin
* Import your new certificate into your server (Please contact your administrator for help with this).
* Your renew id: ....
Certificate Details:
Common Name : ......edu
Subject Alternative Names :
Number of licenses :
SSL Type : InCommon SSL (SHA-2)
Term : $Term: 2 Year(s) Server : Apache/ModSSL
Requested : 02/04/2020 09:02 GMT
Approved : 02/04/2020 09:02 GMT
Expires : 02/03/2022 23:59 GMT
Order Number : .....
Self-Enrollment Certificate ID :....
Comments : ....
Logged
Bruce
Global Moderator
Hero Member
Posts: 11251
Re: Third party certificates - PEM encoded options
«
Reply #1 on:
February 09, 2020, 09:59:48 PM »
Hi Casey,
NetTalk uses the combination CRT / KEY format.
You can convert PEM to these using the OpenSSL.Exe utility.
(just google around for instructions, there's no shortage.)
cheers
Bruce
Logged
CaseyR
Sr. Member
Posts: 448
Re: Third party certificates - PEM encoded options
«
Reply #2 on:
February 11, 2020, 03:43:04 PM »
Thanks, Bruce
Fair enough on the pem encoding, but I would just like to confirm the best download option. I think it is Certificate (w/ chain). Normally, I would just try it out but I don't have access to the sever.
Logged
Jane
Sr. Member
Posts: 372
Expert on nothing with opinions on everything.
Re: Third party certificates - PEM encoded options
«
Reply #3 on:
February 11, 2020, 09:13:44 PM »
Some things (particularly mobile devices) will really want everything in the chain.
That said, you can download the chain items separately (as you mention in your first post).
There are specific instructions for NT as to how you need to paste together the server's certificate and any intermediate/root certificates.
https://www.capesoft.com/docs/NetTalk11/NetTalkWebSecure.htm#UsingIntermediateCertificates
Cheers,
Jane
Logged
CaseyR
Sr. Member
Posts: 448
Re: Third party certificates - PEM encoded options
«
Reply #4 on:
February 12, 2020, 10:36:29 AM »
Thanks, Jane
Logged
bshields
Sr. Member
Posts: 392
Re: Third party certificates - PEM encoded options
«
Reply #5 on:
February 13, 2020, 04:43:00 AM »
Hi Casey,
Use
https://www.ssllabs.com/ssltest
to verify you have it correctly.
Nettalk usually requires the certificate plus chain but not root (some domain registry's may require the root).
But ssllabs will tell you exactly, so no guess work.
Regards
Bill
Logged
CaseyR
Sr. Member
Posts: 448
Re: Third party certificates - PEM encoded options
«
Reply #6 on:
February 17, 2020, 02:29:38 PM »
Thanks Bill
Logged
Print
Pages: [
1
]
« previous
next »
NetTalk Central
»
NetTalk Web Server
»
Web Server - Ask For Help
»
Third party certificates - PEM encoded options