This article describes how to install UNMS using another certificate, other than the default LetsEncrypt option found in UNMS.
Table of Contents
Prepare the Certificate
Create ".pem" versions of the public key full chain and the private key:
1. Install OpenSSL on the Windows desktop if not already installed.
2. Copy the full chain .pfx to the computer, eg. to C:\Program Files\OpenSSL-Win64\bin\
3. Open a command prompt and go to the folder used in the step above, and run:
openssl pkcs12 -in your-new-full-chain.pfx -nocerts -out privatekey.pem -nodes
openssl pkcs12 -in your-new-full-chain.pfx -nokeys -out public-cert.pem -nodes
4. Both times, you are prompted for the SSL certificate encryption password. You provided this when you made the PFX. This produces two files: 'privatekey.pem' and 'public-cert.pem'.
5. Copy these files to the UNMS server in the /etc/certificates directory (it is possible to use programs like WinSCP or similar to move the files).
Delete the Old Certificate
Run these commands to remove the old data:
sudo chmod a+rwx cert
sudo chmod a-rwx cert
sudo chmod u+rw cert
At this point, it is necessary to reinstall UNMS by running again the installation script with this command:
curl -fsSL https://unms.com/v1/install > /tmp/unms_inst.sh && sudo bash /tmp/unms_inst.sh --ssl-cert-dir /etc/certificates --ssl-cert put-the-name-of-fullchain.pem --ssl-cert-key put-name-of-privkey.pem