Install a X.509 Certificate from a Certificate Signing Request

Install a X.509 Certificate from a Certificate Signing Request

Generate a Certificate Signing Request

  1. Log in Nodegrid as root:

    1. ssh root@<Nodegrid_IP>

  2. Change directory to /etc/CA:

    1. cd /etc/CA

  3. Create a RSA key:

    1. openssl genrsa -out key.pem.new 2048

  4. Create a Certificate Signing Request:

    1. openssl req -new -sha256 -key key.pem.new -out csr.pem

  5. Make sure the files have the right permissions:

    1. chmod 0640 *.new

  6. Sign the Certificate Signing Request:

    1. Send the Certificate Signing Request domain.csr to a Certificate Authority to be signed.

    2. The Certificate Authority will sign the CSR and send you a certificate in PEM format.


Install the Signed Certificate

  1. Copy the signed certificate received from the Certificate Authority to Nodegrid:

    1. scp <certificate> root@<Nodegrid_IP>:/etc/CA/cert.pem.new

  2. Log in Nodegrid as root:

    1. ssh root@<Nodegrid_IP>

  3. Change directory to /etc/CA:

    1. cd /etc/CA

  4. Back up the original key and certificate:

    1. cp key.pem key.pem.old

    2. cp cert.pem cert.pem.old

    3. cp key_cert.pem key_cert.pem.old

  5. Install the new key and certificate:

    1. mv key.pem.new key.pem

    2. mv cert.pem.new cert.pem

    3. cat key.pem cert.pem > key_cert.pem

  6. Make sure the files have the right permissions:

    1. chmod 0640 key_cert.pem

    2. chmod 0644 cert.pem

  7. Restart apache

    1. apachectl graceful


    • Related Articles

    • Apply HTTPS certificate in Nodegrid

      Follow the steps from this article to generate a certificate signed request.  Then log in as admin to Nodegrid WebUI, and go to System :: Toolkit :: System Certificate. Upload the certificate file in .pem or .crt extension by selecting Local Computer ...

    • DHCP request to the Server

      After reboot, Nodegrid sends DHCP requests and wait up to 30sec to receive a lease from a server. If that time expires (i.e. no lease assigned), Nodegrid assigns static IP 192.168.160.10 to eth0 or 192.168.161.10 to eth1 so the users have a way to ...

    • How to increase the partition size of a Nodegrid appliance running NG v4.1.7 or newer, NG v4.2.5 or newer, or NG v5.0.x

      It is possible to upgrade to some versions of Nodegrid OS without going through the recommended intermediate versions of NG v4.1.6 or v4.2.4. This article applies to systems running the following versions: NG v4.1.7 or newer NG v4.2.5 or newer NG ...

    • ZPE Systems Help Center - How to Submit a Support Request

      ZPE Systems Help Center How to open a ticket Below are the steps to request a ticket. Go to http://zpesystems.com/resources/help-center and click on ‘Submit a request’ link on the top right corner of the page. Enter the required information on the ...

    • How to Configure IPSec Host to Host tunnel with Certificate

      Version 0.1 (02 May 2018) Overview Host to Host configurations allow two nodes to established a tunnel between them. The encrypted communication will be limited just to the two nodes involved. Figure 11: Host to Host Configuration Example Details ...