Linux Forums - Linux Help,Advice & support community:LinuxSolved.com

Linux in General => Linux Tutorials & How To's => Topic started by: dragoncity99 on October 29, 2009, 05:32:17 PM

Title: How To - Generate Apache SSL Certificate
Post by: dragoncity99 on October 29, 2009, 05:32:17 PM
 1. Generate a Private Key
This key is a 1024 bit RSA key which is encrypted using Triple-DES and stored in a PEM format so that it is readable as ASCII text.

    openssl genrsa -des3 -out server.key 1024



2. Generate a CSR (Certificate Signing Request)

    openssl req -new -key server.key -out server.csr



3. Remove passphrase from key

    cp server.key server.key.org
    openssl rsa -in server.key.org -out server.key



4. Generating a Self-Signed Certificate for 365 days.

    openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt



5. Install the private key and certificate

    cp server.crt /usr/local/apache/conf/ssl.crt
    cp server.key /usr/local/apache/conf/ssl.key



6. Configuring SSL Enabled Virtual Hosts

    SSLEngine on
    SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
    SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
    CustomLog logs/ssl_request_log \
    "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"



7. Restart apache and test

    service httpd restart