servername.domain.tld
, named tls.crt
servername.domain.tld
, named tls.key
rootca.crt
. A root certificate is optional but recommended.intermediate.pem
(This certificate may also appear as the second entry in your fullchain.pem
file.)*.servername.domain.tld
, named wildcard.crt
.*.servername.domain.tld
, named wildcard.key
.Previous | Updated |
---|---|
rootca.pem | rootca.crt |
cert.pem | tls.crt |
privkey.pem | tls.key |
tls.crt | wildcard.crt |
tls.key | wildcard.key |
keystore.jks
filename remains unchanged.openjdk
. For example, use the following command to install java-1.8.0-openjdk
on CentOS 7.5:
keystore.jks
file that will be used by Java:
FULLCHAIN.PEM
instead of CERT.PEM
.CHAIN.PEM
to the Root CA./etc/ssl/certs/ca-bundle.trust.crt
. For Ubuntu-based systems, the path to the system CA is /etc/ssl/certs/ca-certificates.crt
.certificates.yaml
file, that you’ll be updating in the next several steps:
test.anaconda.com
:
*.test.anaconda.com
:
rootca.crt
below with the name of the specific file:
rootca.crt
: the root certificate authority bundletls.crt
: the SSL certificate for individual servicestls.key
: the private key for the above certificatewildcard.crt
: the SSL certificate for “wildcard” services, such as deployed apps and sessionswildcard.key
: the private key for the above certificatekeystore.jks
: the Java Key Store containing these certificates used by some servicesopenssl
to verify the certificates and make sure the final Verify return code
is 0
:
/etc/pki/tls/certs/ca-bundle.crt
.