![]() You can leave off the "| md5" if you want to look at the actual data. that they are not all using the same key. The error you are getting indicates that one of these results is different, i.e. # openssl rsa -in mycert.key -noout -modulus | md5 The intent is that the certificate will be issued by an external 3rd party CA, so that the certificate will be trusted and is valid for use on the Internet. # openssl req -in mycert.csr -noout -modulus | md5 Now compare that to the modulus of the CSR: FreeNAS does not show the certificate in System >. FreeNAS recognizes the certificate in System > Certificates with valid Name, Issuer, Name, and Period. ![]() The modulus numbers these days are quite big, so I suggest running it through "md5" to get something that doesn't scroll off the screen when you do it three times. I have created an SSL certificate using 'Create Certificate Signing Request' and then pasting the externally signed certificate to the CSR. ![]() # openssl x509 -in mycert.crt -noout -modulus | md5 Take your three bits of data, the key, the CSR, and the certificate, and write each of them into separate files. Speaking as someone who has designed and maintains a number of enterprise certificate authorities, this generally suggests a problem with the certificate rather than a bug in the software. Yes, it should work and be very easy, but very low level bits of OpenSSL are saying that the certificate you are installing doesn't match the key that the system has.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |