Problem: You want to obtain an SSL certificate from a trusted certifying authority(CA)
Solution: Generate a Certificate Signing Request(CSR)
# make -f /usr/share/ssl/certs/Makefile filename.csr
OR
# openssl req -x509 -nodes -days 365 -newkey rsa:2048
-keyout mysitename.key -out mysitename.crt
and send filename.csr to the CA
Make sure that the certificate you have received is in PEM format. Suppose it's in the file cert.pem then decrypt your private key and append it to this file
# openssl rsa -in foo.key >> cert.pem
and then as root
# chown root.root cert.pem
# chmod 400 cert.pem
OR
Generating RSA private key, 1024 bit long modulus.
Solution: Generate a Certificate Signing Request(CSR)
# make -f /usr/share/ssl/certs/Makefile filename.csr
OR
# openssl req -x509 -nodes -days 365 -newkey rsa:2048
-keyout mysitename.key -out mysitename.crt
and send filename.csr to the CA
Make sure that the certificate you have received is in PEM format. Suppose it's in the file cert.pem then decrypt your private key and append it to this file
# openssl rsa -in foo.key >> cert.pem
and then as root
# chown root.root cert.pem
# chmod 400 cert.pem
OR
First, generate a private key on the Linux server that runs Apache webserver using openssl command as shown below.
Generating RSA private key, 1024 bit long modulus.
# openssl genrsa -des3 -out www.ctechz.com.key 1024
Using the key generate above, you should generate a certificate request file (csr) using openssl as shown below.
# openssl req -new -key www.ctechz.com.key -out www.ctechz.com.csr
No comments:
Post a Comment