Problem with DA and SSL

[Mr. Jinx]

I just ordered an SSL certificate for use with DA (admin interface).
However I just discovered DA doesn't like DES3 encrypted .key file
When I start DA it just stops telling the .key file is not correct.

I used this to create the key:
openssl genrsa -des3 -out domainname.key 1024

It now looks likes this:

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,84F8176D35A15AEE

FoE09JkTso38yqqkGfZvsRkltlBnJ484s0Rck2+G7xUZXN5hEvUMDvciMiRcOQm4
LIGxa5i.................etc

Is there a way to decrypt this file? (yes I know the passphase )

 

[Webcart]

Actually, you don't want to "decrypt" the private key, you want to convert it to a different format Try this command:

openssl rsa -in domainname.key

or google for something like "how to convert private key to RSA format" for more info.

 

[CrazyLane]

This is how I install ssl for server:

Make key
cd /etc/httpd/conf/ssl.key/

create CSR

openssl genrsa -out server.key 1024
openssl req -new -key server.key -out server.csr

Copy CSR

pico server.csr

Add CRT

pico -w /etc/httpd/conf/ssl.crt/server.crt

Check for port 443

### DirectAdmin on SLL

pico -w /usr/local/directadmin/conf/directadmin.conf

Change ds ssl to 1

Change ssl location to:


cacert=/etc/httpd/conf/ssl.crt/server.crt
cakey=/etc/httpd/conf/ssl.key/server.key