Difference between revisions of "Obtaining a StartCom Murmur Certificate"

From Mumble Wiki
Jump to: navigation, search
(Created page with 'This is a quick hands-on guide for obtaining and installing a Class 1 server certificate in murmur on a reasonably modern Linux system. wget --no-check-certificate https://www.…')
 
Line 6: Line 6:
 
  -subj "/C=SE/ST=Stockholm/L=Stockholm/O=YourNameHere/OU=IT/CN=your.domain.here"
 
  -subj "/C=SE/ST=Stockholm/L=Stockholm/O=YourNameHere/OU=IT/CN=your.domain.here"
  
This will create server.mumble.csr. Copy and paste the contents of the file into the appropriate box in the StartCom web. The certificate is generated and the contents should be placed in a new file, ssl_mumble.crt.
+
This will create server.mumble.csr.  
 +
 
 +
After authenticating to the StartSSL website (assuming you've already added your domain to StartSSL and verified it), click "Certificates Wizard", select "Web Server SSL/TLS Certificate" from the Certificate Target dropdown box, and click "Continue".
 +
 
 +
Skip the key generation step because we've already generated a key using OpenSSL above. You will now have a text area that you can paste your CSR in, so paste the entire CSR in and click "Continue".
 +
 
 +
After the certificate is generated the contents should be placed in a new file, ssl_mumble.crt.
  
 
  cat ca.pem >> ssl_mumble_concat.crt
 
  cat ca.pem >> ssl_mumble_concat.crt

Revision as of 19:33, 20 January 2010

This is a quick hands-on guide for obtaining and installing a Class 1 server certificate in murmur on a reasonably modern Linux system.

wget --no-check-certificate https://www.startssl.com/certs/sub.class1.server.ca.pem
wget --no-check-certificate https://www.startssl.com/certs/ca.pem
openssl req -nodes -newkey rsa:2048 -nodes -keyout mumble.key -out server_mumble.csr \ 
-subj "/C=SE/ST=Stockholm/L=Stockholm/O=YourNameHere/OU=IT/CN=your.domain.here"

This will create server.mumble.csr.

After authenticating to the StartSSL website (assuming you've already added your domain to StartSSL and verified it), click "Certificates Wizard", select "Web Server SSL/TLS Certificate" from the Certificate Target dropdown box, and click "Continue".

Skip the key generation step because we've already generated a key using OpenSSL above. You will now have a text area that you can paste your CSR in, so paste the entire CSR in and click "Continue".

After the certificate is generated the contents should be placed in a new file, ssl_mumble.crt.

cat ca.pem >> ssl_mumble_concat.crt
cat sub.class1.server.ca.pem >> ssl_mumble_concat.crt
cat ssl_mumble.crt >> ssl_mumble_concat.crt

Now the file ssl_mumble_concat.crt contains the certificate, and mumble.key contains the key. Move the files into the same folder as murmur.ini and edit the following two lines:

sslCert=ssl_mumble_concat.crt
sslKey=mumble.key

Restart murmur and you're done.