### Generate a server key and request for signing (csr).
openssl genrsa -des3 -out server.key 4096
openssl req -new -key server.key -out server.csr
####Sign the certificate signing request (csr) with the self-created Certificate Authority (CA)
openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial01 -out server.crt
####Make a server.key which doesn't cause Apache to prompt for a password.
openssl rsa -in server.key -out server.key.insecure
mv server.key server.key.secure
mv server.key.insecure server.key
####copy them into position.
cp server.key /etc/apache2/ssl.key
cp server.crt /etc/apache2/ssl.crt
cp server.csr /etc/apache2/ssl.csr
### Restart apache
/etc/init.d/apache2 restart
No comments:
Post a Comment