FreeRDP use Authority signed SSL certificate

[alexmela78]

I want replace self-sign certificate with a Authority signed certificate. This certificate is already emitted so I have CA boundle, crt and private key.

How I can generate cer to put in wsgate etc directory?

I try a lot of way but service doesn't start with error in event viewer Error while loading certificate: error:0906D06C:PEM routines:PEM_read_bio:no start lineerror:140DC009:SSL routines:SSL_CTX_use_certificate_chain_file:PEM lib

can anyone help me?

thanks

Alessandro Melani

[c64cosmin]

Convert the .crt to .cer then copy it in the /etc.

You can use the OpenSSL binaries: https://info.ssl.com/how-to-der-vs-crt-vs-cer-vs-pem-certificates-and-how-to-conver-them/ Or you could use the certificate exporter from Windows: https://support.software.dell.com/kb/sw13147

[alexmela78]

I use procedure to convert crt to cer .. but now when I try to start service .. I receive this error: Error while loading private key: error:0906D06C:PEM routines:PEM_read_bio:no start lineerror:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib

[c64cosmin]

Look into the private key file and make sure it starts with -----BEGIN RSA PRIVATE KEY----- The "-" and spaces included and ends with -----END RSA PRIVATE KEY-----

Must resemble something like this. EXAMPLE PRIVATE KEY

If that doesn't work, open you private key with a text editor that can "see" special characters (ie. ^M or carriage return). Make sure that each text line doesn't end with carriage return, if it does, remove them.

[alexmela78]

Thanks a lot.. now it works.