D-Link DFL-860-IPS-12 Product Manual - Page 131
openssl pkcs12 -in gateway.pfx -out gateway.pem -nodes, 7.3. CA Certificate Requests
View all D-Link DFL-860-IPS-12 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 131 highlights
3.7.3. CA Certificate Requests Chapter 3. Fundamentals • Take out the relevant parts of the .pem file to form the required .cer and .key files. The detailed steps for the above stages are as follows: 1. Create the gateway certificate on the Windows CA server and export it to a .pfx file on the local NetDefendOS management workstation disk. 2. Now convert the local .pfx file to a .pem file. This can be done with the OpenSSL utility using the console command line: > openssl pkcs12 -in gateway.pfx -out gateway.pem -nodes In this command line example, the file exported from the CA server is assumed to be called gateway.pfx and it is assumed to be in the same local directory as the OpenSSL executable. The original gateway.pfx file contained 3 certificates: CA root certificate, a personal certificate and a private key certificate. The gateway.pem file now contains these in format which can be cut and pasted with a text editor. Note OpenSSL is being used here as a conversion utility and not in its normal role as a communication utility. 3. Create two blank text files with a text editor, such as Windows Notepad. Give the files the same filename but use the extension .cer for one and .key for the other. For example, gateway.cer and gateway.key might be the names. 4. Start a text editor and open the downloaded .pem file and locate the line that begins: -----BEGIN RSA PRIVATE KEY----- 5. Mark and copy into the system clipboard that line and everything under it, up to and including the line: -----END RSA PRIVATE KEY----- 6. Now paste the copied text into the .key file and save it. 7. Back in the .pem file, locate the line that begins: -----BEGIN CERTIFICATE----- and copy into the system clipboard that line and everything under it, up to and including: -----END CERTIFICATE----- 8. Now paste this copied text into the .cer file and save it. The saved .key and .cer files are now ready for upload into NetDefendOS. 131