path of the CA files
/usr/lib/ssl/misc (CA.pl samples)
/usr/lib/ssl/openssl.cnf
Step 1.
# vi /usr/lib/ssl/openssl.cnf
and make some change to the script
dir = ./demoCA
default_bits = 2048
default_days = 365
Step 2.
# cd /usr/lib/ssl
# /usr/lib/ssl/misc/CA.pl -newca
(and /private/cakey.pem is created as the private key)
Step 3.
# openssl req -nodes -new -keyout yourserver.key -out yourserver.req -days 365 -config ./openssl.cnf
(and two files : yourserver.key and yourserver.req are created)
Step 4.
# openssl req -x509 -new -key /usr/lib/ssl/yourserver.key -days 1000 -config ./openssl.cnf -out yourserver.crt
(and yourserver.crt is created)
For matching your website name, you should use the URL from your webpage as Common Name, eg : www.yourdomain.com
Change Server cert path in /etc/httpd/conf/ssl/ssl.default-vhost.conf (or where your ssl path is, can be in /etc/httpd/conf/httpd.conf)
You have to restart Apache after certs path changed !
skip to main |
skip to sidebar
關於我自己
標籤
- 2012 Linux Opensource Events videos (2)
- 高科技生活 (6)
- 網絡新聞 (25)
- 駭客 (9)
- Apple (2)
- blogger twitter events (1)
- Firefox (1)
- Google news (2)
- Hardware (8)
- IBM (1)
- Linux events (7)
- Linux general commands (5)
- Linux Market (3)
- Linux Opensource events (27)
- Linux script (1)
- Linux server commands (2)
- Linux Talk (10)
- Microsoft (5)
- Phone (13)
- Phone apps (8)
- Security (54)
- Ubuntu (1)
- Worm Alert (1)
- Yahoo (1)
我的網誌清單
有用網址
- 香港電腦保安
- ICAT vulnerabilities list
- www.linuxsecurity.com
- trendmicro virus scanning
- Wellknown port numbers
- Trojan ports
- test your browser
- sourceforge free softwares
- freshmeat free softwares
- www.download.com
- www.topdownloads.net
- www.tucows.com
- www.adobe.com
- www.flash.com
- www.shockwave.com
- Hong Kong Domain Registration
- www.hkix.net
- broadband speed test
沒有留言:
張貼留言