|
Apache SSL (HTTPS) Secure Certificates
First you need to create an RSA private key.
openssl genrsa -des3 -out server.key 1024
For security this is not advised, but you can
create an insecure version of the key if you want to have
Apache capable of starting without entering the key.
openssl rsa -in server.key -out server.unsecure.key
If you only need a self signed certificate, this is all you need.
openssl req -new -key server.key -x509 -days 999 -out server.crt
If you want a CA (Certificate Authority) officially signed certificate,
you will need to create the CSR (Certificate Signing Request) to send them.
openssl req -new -key server.key -out server.csr
openssl req -noout -text -in server.csr
Submit the CSR you just generated to your preferred CA and follow
their instructions to receive your signed certificate file.
Here is a very minimal version of what you need to enter into
your Apache configuration to have an SSL (HTTPS) enabled website.
vi /etc/httpd/conf.d/ssl.conf
#---
SSLEngine on
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM
SSLCertificateFile /etc/httpd/conf/ssl/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl/server.key
#SSLCertificateKeyFile /etc/httpd/conf/ssl/server.unsecure.key
#---
- Scotech
| 
