Create a .pem file for SSL Certificate Installations

 

Creating a .pem with the Entire SSL Certificate Trust Chain

  1. Log into your DigiCert Management Console and download your Intermediate (DigiCertCA.crt), Root (TrustedRoot.crt), and Primary Certificates (your_domain_name.crt).
  2. Open a text editor (such as wordpad) and paste the entire body of each certificate into one text file in the following order:

    1. The Primary Certificate – your_domain_name.crt
    2. The Intermediate Certificate – DigiCertCA.crt
    3. The Root Certificate – TrustedRoot.crt

    Make sure to include the beginning and end tags on each certificate. The result should look like this:

    —–BEGIN CERTIFICATE—– 
    (Your Primary SSL certificate: your_domain_name.crt) 
    —–END CERTIFICATE—– 

    —–BEGIN CERTIFICATE—– 
    (Your Intermediate certificate: DigiCertCA.crt) 
    —–END CERTIFICATE—– 

    —–BEGIN CERTIFICATE—– 
    (Your Root certificate: TrustedRoot.crt) 
    —–END CERTIFICATE—–

    Save the combined file as your_domain_name.pem. The .pem file is now ready to use.

Creating a .pem with the Server and Intermediate Certificates

  1. Log into your DigiCert Management Console and download your Intermediate (DigiCertCA.crt) and Primary Certificates (your_domain_name.crt).
  2. Open a text editor (such as wordpad) and paste the entire body of each certificate into one text file in the following order:

    1. The Primary Certificate – your_domain_name.crt
    2. The Intermediate Certificate – DigiCertCA.crt

    Make sure to include the beginning and end tags on each certificate. The result should look like this:

    —–BEGIN CERTIFICATE—– 
    (Your Primary SSL certificate: your_domain_name.crt) 
    —–END CERTIFICATE—– 

    —–BEGIN CERTIFICATE—– 
    (Your Intermediate certificate: DigiCertCA.crt) 
    —–END CERTIFICATE—–

    Save the combined file as your_domain_name.pem. The .pem file is now ready to use.

Creating a .pem with the Private Key and Entire Trust Chain

  1. Log into your DigiCert Management Console and download your Intermediate (DigiCertCA.crt) and Primary Certificates (your_domain_name.crt).
  2. Open a text editor (such as wordpad) and paste the entire body of each certificate into one text file in the following order:

    1. The Private Key – your_domain_name.key
    2. The Primary Certificate – your_domain_name.crt
    3. The Intermediate Certificate – DigiCertCA.crt
    4. The Root Certificate – TrustedRoot.crt

    Make sure to include the beginning and end tags on each certificate. The result should look like this:

    —–BEGIN RSA PRIVATE KEY—– 
    (Your Private Key: your_domain_name.key) 
    —–END RSA PRIVATE KEY—– 

    —–BEGIN CERTIFICATE—– 
    (Your Primary SSL certificate: your_domain_name.crt) 
    —–END CERTIFICATE—– 

    —–BEGIN CERTIFICATE—– 
    (Your Intermediate certificate: DigiCertCA.crt) 
    —–END CERTIFICATE—– 

    —–BEGIN CERTIFICATE—– 
    (Your Root certificate: TrustedRoot.crt) 
    —–END CERTIFICATE—–

    Save the combined file as your_domain_name.pem. The .pem file is now ready to use.

 

 

Source: 

https://www.digicert.com/ssl-support/pem-ssl-creation.htm

HAProxy SSL SNI Configuration

 

 

http://blog.haproxy.com/2012/04/13/enhanced-ssl-load-balancing-with-server-name-indication-sni-tls-extension/

 

Adding SSL Cert

 

Create SSL Bundle in this order

certificate, intermediate, intermediate, key,


Should modify haproxy.cfg to look like this


 

# Single VIP with sni content switching
frontend ft_ssl_vip
bind 10.10.10.0:443 ssl crt /etc/ssl/certs/your.bundle.pem
mode tcp

 



Creds:

http://serverfault.com/questions/622206/haproxy-1-5-3-openssl-creating-pem 



How to fix, “Your web server is not yet properly setup to allow files synchronization because the WebDAV interface seems to be broken. Please double check the installation guides.” Owncloud installation error message

Article purpose: 

How to fix “Your web server is not yet properly setup to allow files synchronization because the WebDAV interface seems to be broken. Please double check the installation guides.

Using Owncloud 7.01

Symptoms

Your web server is not yet properly setup to allow files synchronization because the WebDAV interface seems to be broken. Please double check the installation guides

WebDav doesn’t work, file sync doesn’t work.

 

 

How to verify the fix has worked.

Got to User->Admin and the error notice will no longer be displayed indicating that all is well with WebDav.

Your web server is not yet properly setup to allow files synchronization because the WebDAV interface seems to be broken. Please double check the installation guides

 

Diagnosis

How to trace down the issue and fix it.

Apache Logs might say something like this

 

 [warn] RSA server certificate wildcard CommonName (CN) `*.host.com' does NOT match server name!?
 [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)

 

The own cloud logs, located at this path

/data/owncloud.log

Might contain entries like these

{“app”:”core”,”message”:”isWebDAVWorking: NO – Reason: [CURL] Error while making request: SSL: certificate subject name ‘*host.com’ does not match target host name ‘host.com’ (error code: 51) (Sabre_DAV_Exception)”,”level”:2,”time”:”}

 

Remedy

Purchase and install SSL certificate and apply to the web host which is serving the OwnCloud pages.

 

How to fix “Your web server is not yet properly setup to allow files synchronization because the WebDAV interface seems to be broken. Please double check the installation guides.