https://www.staffordnet.uk/ 2026-04-05T18:26:12+00:00 https://www.staffordnet.uk/ https://www.staffordnet.uk/lib/exe/fetch.php?media=favicon.ico text/html 2025-07-10T19:00:22+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=certificates:certificates_guide&rev=1752174022&do=diff SSL Overview This page shows how to create, request, install and manage SSL Certificates. Extra info can also be found on Certificates and Keystores and Converting. Strip Password from Base64 Strip a password from a Base64 file that has both certificate and key. openssl rsa -in [file1.key] -out [file2.key] text/html 2022-11-23T12:49:42+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=certificates:cisco_custom_certificate&rev=1669207782&do=diff Set Custom SSL Certificate If you have a Cisco device, you may have issues getting the SSL certificate to work properly on the web GUI. The solution is here. Specifically, I generated a certificate/key on a Palo Alto Networks PA-220 firewall because that was where I stored my home root CA. I then exported the certificate and ticked 'export private key'. I added a password as PAN- text/html 2022-11-23T12:49:42+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=certificates:install_root_ca&rev=1669207782&do=diff Install Root CA Linux To install a root CA certificate as a trusted root CA for Ubuntu systems, * Copy the root CA to /usr/local/share/ca-certificates/ * Update the system certificate store with sudo update-ca-certificates To remove a root CA certificate as a trusted root CA for Ubuntu systems, text/html 2025-09-13T09:07:14+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=certificates:lets_encrypt_main&rev=1757754434&do=diff Let's Encrypt This guide assumes you have your public DNS hosted with CloudFlare. On Ubuntu 20.04, install acme.sh git clone https://github.com/acmesh-official/acme.sh.git sudo mv acme.sh /var/acme Append export PATH=$PATH:/var/acme to the end of text/html 2023-12-21T20:55:58+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=certificates:lets_encrypt_wildcard&rev=1703192158&do=diff Using Let's Encrypt for WildCard This document shows you how to generate a free WildCard certificate using Let's Encrypt that you can use on a Nginx server and/or a Palo Alto Networks firewall for things like GlobalProtect. App-ID Remember, if you have a Palo Alto Networks firewall, the acme.sh script traffic is identified as text/html 2022-11-23T12:49:42+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=certificates:ssl_testing&rev=1669207782&do=diff Testing SSL Connections openssl s_client -connect example.com:443 openssl s_client -connect example.com:443 -servername domain.tld text/html 2022-11-23T12:49:42+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=certificates:vmware_custom_certificate&rev=1669207782&do=diff SSL Certificates on VMware On ESXi 7.0, you can import a custom certificate and key. * Enable SSH * SCP the PEM format certificate certificate.crt to esxiserver:/etc/vmware/ssl/ * SCP the PEM format private key private.key to esxiserver:/etc/vmware/ssl/