1. generate a private key ( Tag - self signed certificate for apache)
openssl genrsa -des3 -out yourdomain.com.key 1024
2. Generate CSR ( Tag - self signed certificate for apache)
openssl req -new -key yourdomain.com.key -out yourdomain.com.csr
Now enter all details as shown below
Country Name (2 letter code) [GB]:IN
State or Province Name (full name) [Berkshire]:WB
Locality Name (eg, city) [Newbury]:Kolkata
Organization Name (eg, company) [My Company Ltd]:ABC Co
Organizational Unit Name (eg, section) []:Information Technology
Common Name (eg, your name or your server's hostname) []:www.yourdomain.com
Email Address []:admin@yourdomain.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
3. Remove passphrase ( Tag - self signed certificate for apache)
cp yourdomain.com.key yourdomain.com.key.orig
openssl rsa -in yourdomain.com.key.orig -out yourdomain.com.key
4. generate certificate ( Tag - self signed certificate for apache)
openssl x509 -req -days 730 -in yourdomain.com.csr -signkey yourdomain.com.key -out yourdomain.com.crt
5. Copy required files
cp server.crt /etc/apache2/conf/ssl.crt
cp server.key /etc/apache2/conf/ssl.key
6: Configuring SSL In Apache( Tag - self signed certificate for apache)
User the SSL Vhosts or in main configuration file
put
--------------------------------------------------------------
SSLEngine on
SSLCertificateFile /etc/apache2/conf/ssl.crt
SSLCertificateKeyFile /etc/apache2/conf/ssl.key
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
--------------------------------------------------------------
7: Restart Apache ( Tag - self signed certificate for apache)
/etc/init.d/apache2 stop
/etc/init.d/apache2 stop
You are done , now test :)
No comments:
Post a Comment