I have purchase a SSL certificate from a CA and want to use to allow secure remote access to my Home Assistant running in a VMWare Virtual OS downloaded from the prebuilt HA VMWare images.
The certificates I received are:
mydoamin_ssl_certificate.cer
mydomain._ssl_certificate_INTERMEDIATE.cer
I believe I need to use MGINX addon but the setup quires *.pem files for certificate and intermediate certificate.
Am I in the correct direction to get working and if so how do I get the pem files? it is as easy is running openssl x509 -in cert.cer -out cert.pem?
The HA os which I have puttyed to does not have openSSL installed? can I run from another OS?
Does it matter if the certificate is purchased or generated by let’s encrypt? I don’t think so but you can use any certificate as long as you have the the needed files and put these files in correct folder inside home assistant and configure nginx to consume these. Can you ask your provider to share pem files with you?
On the first question, https enables encryption on the transportation layer. As long as it is encrypted with a certificate, it should be ok. When you buy your certificate from a company, it would have a longer period of validity and less chance of being discarded by browsers.
generally with certificate files you can just change the file extention without too many issues being caused. so yes you could run it through openssl but you can also just rename the files. .cer .pem and .der are more or less used interchangably so you should be fine to rename to .pem.
from the shell in your putty session type openssl and press enter and you’ll be dropped into the openssl command line. openssl is an integral part of linux, just checked on my HA and its there so you should be good too.