Difference between revisions of "Setting up https secure connection"

From Kolmisoft Wiki
Jump to navigationJump to search
Line 10: Line 10:


Generate Self Signed Key
Generate Self Signed Key
openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt


Move the files to the correct locations
Move the files to the correct locations

Revision as of 15:40, 4 March 2010

For an SSL encrypted web server you will need a few things. Depending on your install you may or may not have OpenSSL and mod_ssl, Apache's interface to OpenSSL. 

yum -y install mod_ssl openssl

Generate private key 

openssl genrsa -out ca.key 1024

Generate CSR 

openssl req -new -key ca.key -out ca.csr

Generate Self Signed Key 

openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt

Move the files to the correct locations 

mv ca.crt /etc/pki/tls/certs
mv ca.key /etc/pki/tls/private/ca.key
mv ca.csr /etc/pki/tls/private/ca.csr

Then we need to update the Apache SSL configuration file. Change the paths to match where the Key file is stored. If you've used the method above it will be. 

SSLCertificateFile /etc/pki/tls/certs/ca.crt

Then set the correct path for the Certificate Key File a few lines below. If you've followed the instructions above it is: 

SSLCertificateKeyFile /etc/pki/tls/private/ca.key

Quit and save the file and then restart Apache 

/etc/init.d/httpd restart

Source: http://shapeshed.com/journal/setting_up_mod_ssl_on_apache_centos_52/

Retrieved from "https://wiki.kolmisoft.com/index.php?title=Setting_up_https_secure_connection&oldid=6359"