Linux Forums - Linux Help,Advice & support community:LinuxSolved.com
Linux in General => Linux Tutorials & How To's => Topic started by: dragoncity99 on October 29, 2009, 05:32:17 PM
-
1. Generate a Private Key
This key is a 1024 bit RSA key which is encrypted using Triple-DES and stored in a PEM format so that it is readable as ASCII text.
openssl genrsa -des3 -out server.key 1024
2. Generate a CSR (Certificate Signing Request)
openssl req -new -key server.key -out server.csr
3. Remove passphrase from key
cp server.key server.key.org
openssl rsa -in server.key.org -out server.key
4. Generating a Self-Signed Certificate for 365 days.
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
5. Install the private key and certificate
cp server.crt /usr/local/apache/conf/ssl.crt
cp server.key /usr/local/apache/conf/ssl.key
6. Configuring SSL Enabled Virtual Hosts
SSLEngine on
SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
7. Restart apache and test
service httpd restart