By: Gene Liverman user 26 Jul 2016 at 12:02 p.m. CDT

4 Responses

I have read the docs on [how to replace certain certs](https://www.gluu.org/docs/gluu-defaults/certificates/) in Gluu but was wondering if there are any particular recommendations on what all certs should be changed out, and if they should all be the same cert, when using one singed by a recognized CA. Here's what the installer showed as what I am setting up: ``` Install oxAuth True Install oxTrust True Install LDAP True Install Apache 2 web server True Install Shibboleth 2 SAML IDP True Install Asimba SAML Proxy False Install CAS True Install oxAuth RP False ``` Thanks in advance for the help!

CentOS67

closed

By Mohib Zico Account Admin 27 Jul 2016 at 2:22 a.m. CDT

Copy

It varies organization to organization and on their policies but I think you just apply CA signed cert for httpd.

By Gene Liverman user 27 Jul 2016 at 6:50 a.m. CDT

Copy

Based on that, updating httpd.crt and the associated entry in the keystore should be enough then, right?

By Mohib Zico Account Admin 27 Jul 2016 at 6:59 a.m. CDT

Copy

Yes. https://gluu.org/docs/gluu-defaults/certificates/#apache

By Gene Liverman user 27 Jul 2016 at 7:01 a.m. CDT

Copy

Thank you!

You need to Login in order to post an answer

Recommended usage of commercial certs

By: Gene Liverman user 26 Jul 2016 at 12:02 p.m. CDT

Answers

By Mohib Zico Account Admin 27 Jul 2016 at 2:22 a.m. CDT

By Gene Liverman user 27 Jul 2016 at 6:50 a.m. CDT

By Mohib Zico Account Admin 27 Jul 2016 at 6:59 a.m. CDT

By Gene Liverman user 27 Jul 2016 at 7:01 a.m. CDT

Post an answer