Ping a Specific Port

Question

quickshiftin

Asked: 2013-02-08 12:00:41 +0800 CST2013-02-08 12:00:41 +0800 CST 2013-02-08 12:00:41 +0800 CST

How to combine various certificates into single .pem

772

I've just finished reading over this great thread explaining the different SSL formats.

Now I'm essentially looking for the opposite of How to split a PEM file

There's 4 files I want to consolidate, originally created for Apache, I'm looking at files specified by

SSLCertificateFile
SSLCertificateKeyFile
SSLCertificateChainFile
SSLCACertificateFile

What I'm mostly curious about is the order of the files in the consolidated dereivative, is that important? EG. if I were to just cat them together in the order they appear above, into a .pem, would it be valid, or should they be ordered a specific way?

FYI, I'm doing this for sake of using these certs as a combined single .pem in SimpleSAMLphp.

2 Answers

Voted

Daniel t. · Answer 1 · 2013-02-08T13:39:44+08:00

The order does matter, according to RFC 4346.

Here is a quote directly taken from the RFC:

  certificate_list
    This is a sequence (chain) of X.509v3 certificates.  The sender's
    certificate must come first in the list.  Each following
    certificate must directly certify the one preceding it.  Because
    certificate validation requires that root keys be distributed
    independently, the self-signed certificate that specifies the root
    certificate authority may optionally be omitted from the chain,
    under the assumption that the remote end must already possess it
    in order to validate it in any case.

Based on this information, the server certificate should come first, followed by any intermediate certs, and finally the root trusted authority certificate (if self-signed). I could not find any information on the private key, but I think that should not matter because a private key in pem is easy to identify as it starts and ends with the text below, which has the keyword PRIVATE in it.

 -----BEGIN RSA PRIVATE KEY-----
 -----END RSA PRIVATE KEY-----

tidileboss · Answer 2 · 2016-06-21T12:31:10+08:00

tidileboss

2016-06-21T12:31:10+08:002016-06-21T12:31:10+08:00

Here is the command to combine using cat

cat first_cert.pem second_cert.pem > combined_cert.pem

18

How to combine various certificates into single .pem

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?