Rustybear Blog

Fri, 11 Aug 2006

Create a new SSL certificate for Apache

Go to /etc/apache-ssl and backup apache.pem before you do anything else.  The
location of this file may be different depending upon your Apache setup.

Install the Debian package ssl-cert.

Check to make sure you have the standard template file:
    /usr/share/ssl-cert/ssleay.cnf

If you don't, make sure you have openssl installed.

cd over to a temporary working directory that you have write access to.

Run the command:
    make-ssl-cert /usr/share/ssl-cert/ssleay.cnf privkey.pem

This will create a private key for the server named privkey.pem.  
When complete with this process, store this file off site.

Next run the command:

    openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095

This will create a server certificate called cacert.pem, good for 3 years.

Next run the command:

    cat privkey.pem cacert.pem > apache.pem

This will create the complete certificate needed for apache.  Copy it over to
the directory where the pre-existing apache.pem was that you backed up
eariler.

Don't forget to move the privkey.pem off site.

Posted at: 01:36 | category: /configure | Comments ()

Categories

• • / (67)
  • commands/ (19)
  • configure/ (11)
  • database/ (6)
  • • mysql/ (3)
    • postgresql/ (1)
  • dev/ (8)
  • django/ (1)
  • gimp/ (3)
  • graphics/ (5)
  • mail/ (9)
  • other/ (2)
  • vi/ (3)

Links

• Python
• Debian

<	August 2006					>
Su	Mo	Tu	We	Th	Fr	Sa
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31