Skip to content

SSL Certificate Renewal

Jump to bottom
Siqi Tian edited this page Feb 5, 2017 · 2 revisions

The SSL Certificate are applied or renewed at University IT. A copy of it is in the inbox of daslab Gmail account. They are stored at /home/ubuntu/.ssl_cert/ on the server.

  • The final version used by aws iam is daslab_stanford_edu.key (Private Key), daslab_stanford_edu.crt (Public Key), and daslab_stanford_edu.ca-bundle (Chain Certificates). Details of Apache settings is at /etc/apache2/sites-enabled/000-default.conf.
  • The Private Key is self-signed. The original file is at /home/ubuntu/.ssl_cert/cert_self_sign/daslab_self_sign.key.
  • The Public Key is signed by InCommons. The original file is at /home/ubuntu/.ssl_cert/cert_InCommon/X509CO.cer.
  • The Chain Certificates is a concatenated version of /home/ubuntu/.ssl_cert/cert_InCommon/X509IO.cer and /home/ubuntu/.ssl_cert/cert_InCommon/X509CO.cer. It has 4 components in order: Root_AddTrustExternalCA.crt, Intermediate_1_USERTrustRSAAddTrust.crt, Intermediate_2_InCommonRSAServerCA.crt, and Primary_daslab_stanford.crt; which can be found in /home/ubuntu/.ssl_cert/cert_InCommon/parsed/.
  • The renew code is present both in the original email and /home/ubuntu/.ssl_cert/cert_info.txt.

Designed, built and managed by t47 @ Stanford Medicine.

Copyright © 2008-2017: Das Lab, Stanford University. All Rights Reserved.

Home

Manual

New Admin Setup

Admin Responsibility

Server Environment

Reference

Overview

Linux

Apache

MySQL

Python

Javascript

Clone this wiki locally