Start a new topic

Existing domain SSL cert for new crushftp setup

antlim @ Fri Aug 29 01:27:43 EEST 2014
Hi There,

Need some help here. Appreciate any. Thanks.

We have existing domain published with certificate. We setup a crushftp on a windows box and are trying to use a certificate that is part of our existing domain certificate. Example below.

coxx.com certificate is valid.
crushftp.coxx.com is created. How do we get this cert to be recognized on Crushftp?

Now each time we hit the public page, we are hit with cert warnings. Hope someone could help.

Thanks.

Cheers,
Ant

Solyom84 @ Fri Aug 29 01:48:57 EEST 2014
Hi, antlim.

You can import the certificate into CrushFTP at the admin>> preferences>> encryption>> ssl tab. http://www.crushftp.com/crush7wiki/Wiki.jsp?page=SSL
After you import the certificate test it, if it's successful save the changes you made then go to the admin>> ServerAdmin>>status and there at the https port hover the mouse over and it will appear the restart, and restart the CrushFTP https service.
After that you can test on a browser chrome works best on this, but for the certificate to work properly the sub domain you use to log in needs to be the one you used for the certificate: crushftp.coxx.com .
On a IE you might need to empty the browser cache to see the changes.

Let us know if you have issues.

Thanks,
Arpad.
antlim @ Fri Aug 29 02:58:47 EEST 2014
Thanks Arpad. We will test it out and update back. Cheers,Ant
antlim @ Sun Aug 31 21:09:43 EEST 2014
Hi Arpad,

I have got my pfx certificate. However when I tried to import, it gives an error. I checked out the site that you provided, it seems that only CRT can be imported?

Thanks.

Cheers,
Ant
antlim @ Sun Aug 31 22:39:02 EEST 2014
Hi Arpad,

I have successfully imported our cert. Just to share. I used Portecle to create a new keystone and imported our existing PFX and set an alias to our requirement. Thereafter I set crushftp to use the keystone. Tested working. Prior to all these, I installed Java unlimited JCE Policy.

Thanks so much for the guidance.

Cheers,
Anthoy
spinkb @ Mon Sep 01 00:15:18 EEST 2014
The PFX is a complete keystore, it needs no import. Its the equivalent of the JKS file. So you have improved its contents into the JKS, and that works too.

Thanks,
Ben
antlim @ Mon Sep 01 01:00:13 EEST 2014
HI Ben,

Thanks so much for the clarification. I understand now. Cool.

Cheers,
Anthony
Login to post a comment