Create a self-signed certificate

From UFP-UV Sakai Wiki

Jump to: navigation, search

1. Use existing key. If does not exist, generate new private key:

openssl genrsa -des3 -out my-server.key 1024

2. Create a Certificate Signing Request (CSR)

openssl req -new -set_serial 01 -key ../my-server.key -out my-server.csr

3. Sign your CSR:

openssl x509 -req -days 3650 -set_serial 01 -in my-server.csr -signkey ../my-server.key -out my-server.cert

4. Remove the PassPhrase From Your Private Key

cp my-server.key my-server.key.secure
openssl rsa -in my-server.key.secure -out my-server.key

5. Install it:

cp (all) /etc/httpd/conf
chmod 400 (all)

6. Reload Apache:

/etc/init.d/httpd restart

See: http://www.xenocafe.com/tutorials/linux/centos/openssl/self_signed_certificates/index.php

Personal tools