2,306
edits
Changes
Jump to navigation
Jump to search
Line 2:
Line 2: − + − + + + + + + + + + + + + + + + + + + + + + + +
no edit summary
== Generate self signed certificate ==
== Generate self signed certificate ==
# Generate a Private Key
# Generate a Private Key
#:<source lang="bash"> openssl genrsa -des3 -out server.key 1024</source>
#:<source lang="bash"> openssl genrsa -des3 -out server.key 1024 </source>
#
# Generate a CSR (Certificate Signing Request)
#:<source lang="bash">openssl req -new -key server.key -out server.csr</source> (YOUR name must be the fully qualified domain name ej: wiki.herrerosolis.com)
# Remove passphrase from key
#:<source lang="bash">cp server.key server.key.org && openssl rsa -in server.key.org -out server.key</source>-rw-r--r-- 1 root root 891 Jun 29 13:22 server.key
# Generate Self-Signed Certificate
#:<source lang="bash">openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt</source>will generate a temporary certificate which is good for 365 days
# Installing the Private Key and Certificate
#* Apache:
## Copy server.crt and server.key to apache conf ssl path
##:<pre>
##:: cp server.crt /usr/local/apache/conf/ssl.crt
##:: cp server.key /usr/local/apache/conf/ssl.key</pre>Apache mod_ssl installed required, path may differ depending on apache how apache was compiled
## Configure Configuring SSL Enabled Virtual Hosts
##:<pre>
##:: SSLEngine on
##:: SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
##:: SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
##:: SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
##:: CustomLog logs/ssl_request_log \
##:: "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"</pre>
## Restart Apache and test
#* Django (Nginx-Gunicorn)
## TODO!