Country/Region

Import SSL Certificate into H3C VDI Workspace System

2023-04-18 17:29:49 Published
  • 0 Followed
  • 0Collected ,988Browsed
Jason_Khor

Problem Description

1.     Browser hinting that the site is not secured after selecting HTTPS mode.

2.     SSL Certificate is required in order for the browser to shown as secure mode.


Solution

Prerequisite:

1.     End User to provide the SSL/TLS certificate in .crt format, etc DigiCert.

 

Solution Steps:

1.     Connect to your server via SSH

2.     Run the following command:

         openssl req -new -newkey rsa:2048 -nodes -keyout your domain name.key -out your domain name.csr

         Note: Replace your domain name with the domain name you're securing. For example, if your domain name is coolexample.com, you                      would type coolexample.key and coolexample.csr

         Example: openssl req -new -newkey rsa:2048 -nodes -keyout vdi.ump.edu.my.key -out vdi.ump.edu.my.csr


3. Order Your SSL/TLS Certificate (Performed by end user)

a.     Open the .csr file that you created with a text editor.

b.     Copy the text, including the -----BEGIN NEW CERTIFICATE REQUEST----- and -----END NEW CERTIFICATE REQUEST----- tags, and paste it in to the DigiCert order form.


4. Concatenate the primary and intermediate certificates.

a.     You need to concatenate your primary certificate file (your_domain_name.crt) and the intermediate certificate file (DigiCertCA.crt) into a single .pem file.

b.     Before concatenate the files, upload all the certificate file and key to following path: /etc/nginx/certificate

c.      To concatenate the files, run the following command:

cat your_domain_name.crt DigiCertCA.crt >> bundle.crt

4.     Concatenate the primary and intermediate certificates.


5. Edit the Nginx virtual hosts file

     cat /etc/nginx/conf.d/vdi.conf


    vi /etc/nginx/conf.d/vdi.conf

    i) To edit the configuration, select "I" or "Insert" Key

   ii) To quit and save the configuration, select “esc” key and use the command esc :wq!

Note: Adjust the file names to match your certificate files:

o   ssl_certificate should be your primary certificate combined with the intermediate certificate that you made in the previous step (e.g., your_domain_name.crt).

o   ssl_certificate_key should be the .key file generated when you created the CSR.

6. Restart Nginx services.

Run the following command to restart Nginx:

nginx -s reload


7. Verify the result.



Please rate this case:   
0 Comments

No Comments

Add Comments:

Copyright© 2025 H3C reserves all rights to the current version NO.1

The copyright of this icon belongs to H3C. It is only for the use of this community. Do not use it for commercial purposes. Anyone who violates this icon will be prosecuted