kerkerj
[Apache] SSL (self-signed & purchased version)
2014-06-19 00:00
1 minute read

[Self-signed]

  1. Generate a host key:

    sudo ssh-keygen -f host.key

  2. Generate a certificate request file

    sudo openssl req -new -key host.key -out request.csr

Type what you want:

  Country Name (2 letter code) [AU]:TW
  State or Province Name (full name) [Some-State]:Taiwan
  Locality Name (eg, city) []:Taipei
  Organization Name (eg, company) [Internet Widgits Pty Ltd]:
  Organizational Unit Name (eg, section) []:
  Common Name (e.g. server FQDN or YOUR name) []:
  Email Address []:
  
  Please enter the following 'extra' attributes
  to be sent with your certificate request
  A challenge password []:
  An optional company name []:

  1. Create the SSL certificate sudo openssl x509 -req -days 365 -in request.csr -signkey host.key -out server.crt

    Create a nopass’ key (optional) openssl rsa -in host.key -out host.nopass.key

  2. Configure Apache LoadModule ssl_module libexec/apache2/mod_ssl.so

SSLEngine on 
SSLCertificateFile "/etc/apache2/ssl/server.crt"
SSLCertificateKeyFile "/etc/apache2/ssl/host.nopass.key"

sudo apachectl configtest 
sudo apachectl restart

p.s. enable mods: sudo a2enmod ssl enable sites: sudo a2ensite default-ssl

[Purchased (Symantec)]

[http://www.symantec.com/tv/products/details.jsp?vid=1452855338001]


Back to posts


comments powered by Disqus