This tutorial shows you how to set up and use your own SSL certificate. This will not be useful for public websites but is okay for development or personal use.
Steps
cd ~
# Generate private key
openssl genrsa -out ca.key 4096
# Generate CSR
openssl req -new -key ca.key -out ca.csr
# Generate Self Signed Key
openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
# Copy the files to the correct locations
cp ca.crt /etc/pki/tls/certs
cp ca.key /etc/pki/tls/private/ca.key
cp ca.csr /etc/pki/tls/private/ca.csr
# Generate private key
openssl genrsa -out ca.key 4096
# Generate CSR
openssl req -new -key ca.key -out ca.csr
# Generate Self Signed Key
openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
# Copy the files to the correct locations
cp ca.crt /etc/pki/tls/certs
cp ca.key /etc/pki/tls/private/ca.key
cp ca.csr /etc/pki/tls/private/ca.csr
Navigate to your apache config and edit it with the virtualhosts. A normal virtualhost looks like this:
Now you need to add one similar to this:
Now you need to add one similar to this:
Update your ssl configuration file
vi /etc/httpd/conf.d/ssl.conf
Update the line with SSLCertificateFile to point to the new crt file which in this tutorial is:
SSLCertificateFile /etc/pki/tls/certs/ca.crt
Update the line with SSLCertificateKeyFile to point to the new .key file which in this tutorial is:
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
Restart your httpd server:
service httpd restart
This comment has been removed by a blog administrator.
ReplyDeleteUnfortunately your comment had to be deleted due to a link to a paid service. Advertisements are not allowed on this blog. Links to opensource software or alternative tutorials are more than welcome however.
Delete