Difference between revisions of "Obtaining a StartCom Murmur Certificate"

From Mumble Wiki
Jump to: navigation, search
Line 2: Line 2:
  
 
  wget --no-check-certificate https://www.startssl.com/certs/sub.class1.server.ca.pem
 
  wget --no-check-certificate https://www.startssl.com/certs/sub.class1.server.ca.pem
wget --no-check-certificate https://www.startssl.com/certs/ca.pem
 
 
  openssl req -nodes -newkey rsa:2048 -nodes -keyout mumble.key -out server_mumble.csr \  
 
  openssl req -nodes -newkey rsa:2048 -nodes -keyout mumble.key -out server_mumble.csr \  
 
  -subj "/C=SE/ST=Stockholm/L=Stockholm/O=YourNameHere/OU=IT/CN=your.domain.here"
 
  -subj "/C=SE/ST=Stockholm/L=Stockholm/O=YourNameHere/OU=IT/CN=your.domain.here"
  
This will create server.mumble.csr.  
+
This will create server_mumble.csr.  
  
 
After authenticating to the StartSSL website (assuming you've already added your domain to StartSSL and verified it), click "Certificates Wizard", select "Web Server SSL/TLS Certificate" from the Certificate Target dropdown box, and click "Continue".
 
After authenticating to the StartSSL website (assuming you've already added your domain to StartSSL and verified it), click "Certificates Wizard", select "Web Server SSL/TLS Certificate" from the Certificate Target dropdown box, and click "Continue".
  
Skip the key generation step because we've already generated a key using OpenSSL above. You will now have a text area that you can paste your CSR in, so paste the entire CSR in and click "Continue".
+
Skip the key generation step because we've already generated a key using OpenSSL above. You will now have a text area were you can paste the contents of server_mumble.csr. Paste the contents of server_mumble.csr and click "Continue".
  
After the certificate is generated the contents should be placed in a new file, ssl_mumble.crt.
+
After the certificate is generated the contents of the textarea should be placed in a new file, ssl_mumble.crt.
  
cat ca.pem >> ssl_mumble_concat.crt
 
 
  cat sub.class1.server.ca.pem >> ssl_mumble_concat.crt
 
  cat sub.class1.server.ca.pem >> ssl_mumble_concat.crt
 
  cat ssl_mumble.crt >> ssl_mumble_concat.crt
 
  cat ssl_mumble.crt >> ssl_mumble_concat.crt

Revision as of 19:46, 20 January 2010

This is a quick hands-on guide for obtaining and installing a Class 1 server certificate in murmur on a reasonably modern Linux system.

wget --no-check-certificate https://www.startssl.com/certs/sub.class1.server.ca.pem
openssl req -nodes -newkey rsa:2048 -nodes -keyout mumble.key -out server_mumble.csr \ 
-subj "/C=SE/ST=Stockholm/L=Stockholm/O=YourNameHere/OU=IT/CN=your.domain.here"

This will create server_mumble.csr.

After authenticating to the StartSSL website (assuming you've already added your domain to StartSSL and verified it), click "Certificates Wizard", select "Web Server SSL/TLS Certificate" from the Certificate Target dropdown box, and click "Continue".

Skip the key generation step because we've already generated a key using OpenSSL above. You will now have a text area were you can paste the contents of server_mumble.csr. Paste the contents of server_mumble.csr and click "Continue".

After the certificate is generated the contents of the textarea should be placed in a new file, ssl_mumble.crt.

cat sub.class1.server.ca.pem >> ssl_mumble_concat.crt
cat ssl_mumble.crt >> ssl_mumble_concat.crt

Now the file ssl_mumble_concat.crt contains the certificate, and mumble.key contains the key. Move the files into the same folder as murmur.ini and edit the following two lines:

sslCert=ssl_mumble_concat.crt
sslKey=mumble.key

Restart murmur and you're done.