Apache Certificate Renewal
Backup
1. Stop apache.
cd $apachehome/bin
./apachectl stop 2. Take backup of server.crt , server.key , server-ca.crt files from $apachehome/conf in binary mode
Deployment
3. Copy the attached renewed files ( server.crt , server.key , server-ca.crt) in the below mentioned location in binary mode.
$apachehome/conf
4. Search the below string pattern in httpd-ssl.conf file in $apachehome/conf/extra path SSLCertificateChainFile "$apachehome/conf/server-ca.crt"
If it is commneted please remove the comment.
5. Start apache.
cd $apachehome/bin
./apachectl start
6. Check whether apache is running or not by using the below command:
netstat -a | grep 8080
Sample Output should be:
GW85: netstat -a | grep 8080
*.8080 *.* 0 0 49152 0 LISTEN
7. Then try login using the below URL: https://mydnsname:8080/mywebapp/default.jsp
Then view the certificate and entry should be as below:
Issued to: mydnsname
Issued by: Symantec Class 3 Secure Server CA - G4
Valid from 5/1/2015 to 5/31/2016
8. If all the above details looks fine, then renewal of Apache certification done successfully.
Rollback
9. Stop Apache.
10. If it fails store the files ( server.crt , server.key , server-ca.crt) back to the path $apachehome/conf
11. Start Apache.
Backup
1. Stop apache.
cd $apachehome/bin
./apachectl stop 2. Take backup of server.crt , server.key , server-ca.crt files from $apachehome/conf in binary mode
Deployment
3. Copy the attached renewed files ( server.crt , server.key , server-ca.crt) in the below mentioned location in binary mode.
$apachehome/conf
4. Search the below string pattern in httpd-ssl.conf file in $apachehome/conf/extra path SSLCertificateChainFile "$apachehome/conf/server-ca.crt"
If it is commneted please remove the comment.
5. Start apache.
cd $apachehome/bin
./apachectl start
6. Check whether apache is running or not by using the below command:
netstat -a | grep 8080
Sample Output should be:
GW85: netstat -a | grep 8080
*.8080 *.* 0 0 49152 0 LISTEN
7. Then try login using the below URL: https://mydnsname:8080/mywebapp/default.jsp
Then view the certificate and entry should be as below:
Issued to: mydnsname
Issued by: Symantec Class 3 Secure Server CA - G4
Valid from 5/1/2015 to 5/31/2016
8. If all the above details looks fine, then renewal of Apache certification done successfully.
Rollback
9. Stop Apache.
10. If it fails store the files ( server.crt , server.key , server-ca.crt) back to the path $apachehome/conf
11. Start Apache.
No comments:
Post a Comment