diff --git a/README.md b/README.md index 5be85899598ee2859bf13203c69466aa8ebfcaf5..60627daecac44c913c44c41a6db55e9c777b675e 100644 --- a/README.md +++ b/README.md @@ -9,9 +9,9 @@ 4. Verify your ``certrequest.pem`` with ``openssl req -in certrequest.pem -text`` 5. Make a request with the certificate request file at your responsible office. 6. Unencrypt your private key with: ``openssl rsa -in domain.key.pem.enc -out domain.key.pem``. -7. Move your unencrypted private key file with ``sudo mv /opt/otree/temp/private-key.pem /etc/ssh/private/domain.key.pem.enc``. (Note: Verify permissions! 0600) +7. Move your unencrypted private key file with ``sudo mv /opt/otree/temp/private-key.pem /etc/ssl/private/domain.key.pem.enc``. (Note: Verify permissions! 0600) 8. Upload the obtained certificate and the certificate chain onto your server into ``/opt/otree/temp`` and append the chain (PA-Cert) to the certificate with ``cat pa-chain.pem >> cert-myserver.pem``. -9. Lastly move the certificate to the correct location: ``sudo mv /opt/tree/temp/cert-myserver.pem /etc/ssh/certs/domain.crt.pem`` (Note: Verify permissions! 0644) +9. Lastly move the certificate to the correct location: ``sudo mv /opt/tree/temp/cert-myserver.pem /etc/ssl/certs/domain.crt.pem`` (Note: Verify permissions! 0644) ### place ssl/tls certificate and key-file (unfortunately not scriptable due to security best-practices) 1. Use ``scp mycert.crt user@host:/home/user/`` and ``scp mycert.key user@host:/home/user/`` or use [WinSCP](https://de.wikipedia.org/wiki/WinSCP) to copy over the certificate files.