[openssl-users] regarding automating certificate management process

R-D intern Suman.Patro-TRN at lntebg.com
Sun Jun 12 06:45:10 UTC 2016


Hello,
        I have implemented ssl for tcp ad HTTP as well i.e  ssl security for
tcp ad http servers. I have created self- signed certificate for CA and
server and client certificates using the self- signed CA certificate.But I
would like to know the process of automating certificate management . For
example:
1. My certificates and private keys are stored on my local machine in .pem
format .I need to make the files unreadable so as to avoid mischief .Hence I
create a .pfx file and install that on my windows certificate store, But I
would require the cert and key paths in the server program. How do I open
windows store and extract certs and keys only to retrieve those for my
server program and not store the certs and keys on my local machine or file
? Is this the procedure how keys and certs are secured on  server machines ?
if not , what is the procedure, please elaborate.
2. One more concern is , if I export the .pfx file for my server program, I
need to also give a password with which the .pfx file import had been done
on the windows cert store and at some point in time , if the certificate
renewal is to be done and the system admin is a new one, a new password will
be assigned and on next export of .pfx file to server program, how do I
assign new password? Is this the process that needs to be followed?



--
View this message in context: http://openssl.6102.n7.nabble.com/regarding-automating-certificate-management-process-tp66636.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.


More information about the openssl-users mailing list