how to generate a SSL certificate with Apache and mod_ssl
Description
Before you begin, you must have openssl already installed.
1) The first step is to create your RSA Private Key. This key is a 1024 bit RSA key which is encrypted using Triple-DES and stored in a PEM format so that it is readable as ASCII text. We will use several files as random seed enhancers which will help to make the key more secure. Text files that have been compressed with a utility such as gzip are good choices. The key is generated using the following command, where file1:file2:etc represents the random compressed files.
The command will prompt you for a pass-phrase and then store the key in the file server.key. It is critical that the pass-phrase be secure and not forgotten.
2) Once the private key is generated, a Certificate Signing Request can be generated.:
This will create a certificate valid for 365 days.
3) Once you receive your certificate or you generated a self-signed one, you are now ready to install it. One unfortunate side-effect of the pass-phrased private key is that Apache will ask for the pass-phrase each time the web server is started. To avoid this, type:
# openssl rsa -in server.key -out server.pem
4) Now secure the server.pem file so only root can read it:
# chmod 400 server.pem
5) Now install the private key and certificate. Look for the following lines in your Apache configuration file, httpd.conf (or ssl.conf if it is an include):
Sunday May 27, 2012
Category Search coolcommands.com
