Distribute Certificates

1. StammzertifikatRoot Certificate

~~Das~~The ~~Stammzertifikat~~root ~~muss~~certificate ~~auf~~must ~~alle~~be ~~Geräte~~installed ~~installiert~~on ~~werden,~~all ~~von~~devices ~~denen~~from ~~ihr~~which ~~auf~~you ~~euren~~want ~~Web~~to ~~Server zugreifen~~access / ~~browsen~~browse ~~wollt!~~your Esweb ~~wäre~~server! ~~deshalb~~It ~~ratsam~~is ~~euer~~therefore advisable to have your "~~Zertifikatsverzeichnis"~~certificate ~~auf~~directory" ~~den~~connected ~~jeweiligen~~as ~~Geräten~~a ~~als~~drive ~~Laufwerk~~on ~~verbunden~~the zurespective ~~haben!~~devices!

1.1 MAC

~~Kommando:~~command: "sudo security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" <Verzeichnis><SLD>.pem

1.2 Linux

~~Kommando:~~command: "sudo cp <Verzeichnis><SLD>.pem /usr/local/share/ca-certificates/<SLD>.crt"

~~Kommando:~~command: "sudo update-ca-certificates"

1.3 Windows

~~Kommando:~~command: "WIN + R - Eingabe: certmgr.msc" - OK

~~hoffe,~~hope ~~den~~you ~~Rest bekommt ihr selber~~can "~~zusammen~~click ~~geklickt"~~together" the rest yourself ! 😎

2. Web Server ZertifikatCertificate

2.1 Apache

~~Stellt~~Please ~~bitte~~make ~~sicher,~~sure ~~das~~that ~~ihr~~you have activated "a2enmod ssl" ~~angeschaltet habt!~~!

- ~~geht~~go into ~~das~~the Apache ~~Verzeichnis~~directory "sites-available" ~~und~~and ~~erstellt~~create ~~eine~~a .conf ~~Datei~~file (~~geht~~of ~~natürlich~~course ~~auch~~you ~~mit~~can ~~der~~also use the default-ssl.conf). ~~Solltet~~If ~~ihr~~you ~~mit~~are ~~XAMPP~~running ~~den~~the ~~Web~~web ~~Server~~server ~~betreiben,~~with ~~dann:~~XAMPP, then:

- ~~ändert~~changes ~~die~~the VirtualHost ~~Direktive~~directive

<VirtualHost *:443>
   ServerName <>
   DocumentRoot <>

   SSLEngine on
   SSLCertificateFile <Verzeichnis>/<subdomäne.SLD.TLD>.crt
   SSLCertificateKeyFile <Verzeichnis>/<subdomäne.SLD.TLD>.key
</VirtualHost>

- ~~Kommando:~~command: "a2ensite <der Dateiname>.conf"
- ~~Kommando:~~command: "service apache2 restart"

imin ~~Fall~~the ~~von~~case ~~XAMPP~~of ~~Apache~~XAMPP, ~~stoppen~~stop ~~und~~and ~~wieder~~restart ~~starten!~~Apache!

2.1 NGINX

server {
    listen              443 ssl;
    server_name         <subdomäne.SLD.TLS>;
    ssl_certificate     <Verzeichnis><subdomäne.SLD.TLS>.crt;
    ssl_certificate_key <Verzeichnis><subdomäne.SLD.TLS>.key;
    ssl_protocols       TLSv1.2 TLSv1.3;
    ssl_ciphers         HIGH:!aNULL:!MD5;
    ...
}

~~Jetzt~~But ~~habt~~now esyou've ~~ihr~~done ~~aber geschafft!~~it!!!! 😁 ~~Versteht~~Please ~~bitte,~~understand ~~das~~that esthis ~~hier~~is umabout ~~lokale~~local ~~Zertifikate~~certificates ~~gegangen~~and ~~ist~~not ~~und~~how ~~nicht~~to ~~wie~~generate ~~man eine~~a PI ~~generiert~~or ~~oder~~how ~~wie~~to ~~man~~set ~~einen~~up ~~Webserver~~a ~~aufsetzt~~web ~~oder,~~server ~~oder,~~or, ~~oder.~~or, or, or... EsThe ~~bliebe~~only ~~nur~~thing ~~noch~~left ~~die~~to ~~eigentliche~~complete ~~Randthematik~~the picture is the actual side issue of DNS ~~Resolver~~resolvers. ~~übrig~~Even umif ~~das~~everything ~~Bild~~has ~~abzurunden.~~been ~~Selbst~~done ~~wenn~~correctly, ~~alles~~it ~~richtig~~can ~~gemacht~~happen ~~wurde,~~that ~~kann~~your esdomain ~~euch~~is ~~passieren,~~not ~~das eure Domäne nicht ansprechbar~~accessible in ~~euren~~your ~~Browsern ist.~~browsers.... 😰 ~~Deshalb~~So ~~noch~~here's ~~ein~~a ~~Abschlusskapitel~~final chapter DNS Resolver! Hey, ~~und~~and ~~natürlich~~of ~~auch~~course ~~ein~~a "Gutzi" ~~fürs~~for ~~durchhalten.~~hanging ~~Schaut~~in ~~doch~~there. ~~mal~~Have ~~unter~~a look at "Gutzi" !!!!! 😎