exporting SSL keys to Windows servers

Unanswered Question
May 20th, 2008

Hi,


We have a block of servers that all need verisign certificates and I'm wondering if I can make the following scenario (or something similar) work.


Two servers outside our network and two internal. I'd like to terminate SSL on the CSS + do backend encryption to our FTPS servers. Inhouse, I'd like to import the same SSL certs directly to the Windows FTPS servers (same name different IP).


I generated the RSA key pair on our external CSS, and with them generated a CSR that was uploaded to Verisgn. They sent back a certificate which was unreadable on the CSS and my PC. I saved the cert with extension .pfx and .cer (and a few others) but cannot view it, which makes me think I did something wrong with key or csr generation.


1. Can this setup be accomplished (generating and exporting the keys from CSS to other servers)?


2. Did I botch something somewhere? If so, what commands should I follow to do it right?


Thanks,

Joe

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
joe.arnstein Wed, 05/21/2008 - 08:06

Any thoughts on this one?


To generate the key pair I ran:


ssl genrsa keyname 1024 "password"


Then I did 'ssl associate' and used that name to generate the csr. Can I get away with using this key pair and Verisign cert on our windows servers?



Actions

This Discussion