Install Of Certificates Using SFTP Protocols


#1

Hi, I am nervous using ssh (putty) in case I mess anything up accidentally however,

I am much more confident if i can see whats where with a software like WinSCP which uses putty but has a more graphical interface,

can anyone guide me to a simple manual install (apache centos) without doing it so “blind”

thanks!


#2

Hi @wiziwiz,

Certbot is a command-line program which expects you to type specific commands and interact with the program textually. SFTP is just for uploading files, which is a different thing even though both use the SSH protocol for security.

There are many alternatives to Certbot and many of them will allow you to get a certificate without running commands on your server. However, you would still have to install the certificate somehow, which requires modifying the Apache configuration files.


#3

Thanks for the tip!

I will follow the instructions.


#4

hi @wiziwiz

I don’t think you have explained your problem space

Putty and WinSCP are SFTP clients. They will transfer the certificates for you but they will not install them

Can I confirm a couple of things

A) Are you trying to use a windows based client to generate the certificates and then install them on a Linux Machine
B) It is possible to upload the certificates to a folder eg /etc/mycerts and have a web browsers to point to those certificates
C) Apache needs a restart after you upload the certificates - how are you planning to do that?

Review: https://winscp.net/eng/docs/remote_command

While technically what you are describing is possible you are trying to use tools that are designed to move files to do more than that

As an aside - SFTP is a subset of SSH and most SFTP sessions for security reasons do not allow an interactive shell (i.e. let you run commands like service restart)

Andrei


#5

Careful with equating these two: PuTTY is also an interactive SSH client for using a remote command-line session on a server! Many users will, for example, run Certbot on their servers via PuTTY.


#6

Thanks for the concern - I will ask my hosting provider to do the install and restart,


#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.