Problem with certiface renew

Hi
This is my first post so Hi everybody

I have some problem with certificate renev proces on scmmanager, we buy certificate I have cert, ca cert, key with doc I use comand

openssl pkcs12 -inkey tls.key -in tls.crt -export -out keystore.pkcs12

But after restart services page don’t start.

My question is I need do more then this one command to use comercial certifiace not like before my friend self sign:?

1 Like

Hey @quandit88 , welcome to our community :slight_smile:

The first question here is: What is the concrete error? Do you see an exception in the SCM-Manager log? Can you post it here?
And just to be sure: The openssl command runs smoothly and the resulting file keystore.pkcs12 is stored in the correct location (/conf/keystore.pkcs12 if you use this configuration) and it is readable for the SCM-Manager process?

Regards, René

1 Like

Hi pfeuffer

The place where I put file is ok in the same place where was the old one /etc/scm

From last 6 log file when I greping exception the one result is

The command openssl probably works I doing this the system ask only about new password and thats all file created.

Maybe I need check logs more deep?

I have also the question when I doing this openssl command what type of file I need to have pem, der?

“and it is readable for the SCM-Manager process?”

chmod 777 for keystore file resolve probably problem, page is open, but now the question what access modyficator are correct, probably not 777 like I do for test :smiley:

OK done
1 openssl
2 file to /etc/scm
3 chmod 600
4 shown & chgrp scm
5 service restart

And works with wildcard

Hi,

glad you made it :slight_smile:

A 600 for the keystore is definitely better that 777 :+1: