8 Replies Latest reply on Mar 4, 2016 11:59 AM by nicholas.obrien

    SSL: CSR & keyfile --keyfilepass

    nicholas.obrien

      I have my FMS14 up, running and hosting the file for our company (currently for access by client software only).

       

      • I have generated the CSR for the SSL using the "fmsadmin certificate create" command on the command line interface.
      • Files; serverRequest.pem & serverKey.pem were created, and the request sent to the CA and returned appropriately.
      • I downloaded the CA intermediate certificate and converted it to a .txt file.
      • Created a .txt file for the certificate that was returned, and placed both of them in the CStore file.
      • back at the command line i use "sudo fmsadmin certificate import" command to combine these files respectively.
        • sudo fmsadmin certificate import [pathname] --keyfile [pathname] --keyfilepass [_?_?_?_]
      • my problem is i don't know where to set this key file password up at, or what the standard one is (if it was created automatically).
        • I've tried leaving it blank and I've tried "password" all results in try again(s) and a denial which led to reissue of the certificate.
      • i have already had my certificate reissued once, and I'm right back to the same problem, which leads me to believe that it is supposed to be setup within the CSR along with the CN= O= C= ST= L=  .  If this is the case, what syntax do i use to add the key-password(PW=)?
        • and on second thought that doesn't sound right either....
      • i have not been able to find any documentation supporting this problem directly (on the web or the community), and the CA support tech had to help me get this far. its been 2 weeks since the first CSR was sent, and i still don't have an SSL protecting my server. The lack of documentation is leaving me very little room to wiggle, and now i turn to the community for help.... has anyone else dealt with this, can anyone shed some light on the topic?

      thanks in advance for any help offered, ~nick