Creating a self-signed SSL Certificate
How to Enable SSL FOR YOUR OWN WEBSITE.
For this you will need the openssl package. First we want to start by generating a private key.
root@localhost# openssl genrsa -out www.rmohan.com.key 1024
Generating RSA private key, 1024 bit long modulus
………….++++++
………………..++++++
e is 65537 (0×10001)
Then, we need to generate the certificate request and fill in the appropriate information. Make sure that the “Common Name” matches the domain you want to protect via SSL, so if you domain was www.rmohan.com, use that. If you wanted to protect rmohan.com (without the www.) then use that.
root@localhost# openssl req -new -key www.rmohan.com.key -out www.rmohan.com.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [GB]:
State or Province Name (full name) [Berkshire]:
Locality Name (eg, city) [Newbury]:
Organization Name (eg, company) [My Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server’s hostname) []:www.rmohan.com
Email Address []:email@rmohan.com
Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Next, generate the self-signed certificate. You can specify the number of days the cert is valid for.
root@localhost# openssl x509 -req -days 365 -in www.rmohan.com.csr -signkey www.rmohan.com.key -out www.rmohan.com.crt
Signature ok
subject=/C=/ST=/L=/O=/CN=www.rmohan.com/emailAddress=email@rmohan.com
Getting Private key
Next, move the certificate and keyfile into apache’s SSL directory.
mv www.rmohan.com.key /etc/httpd/conf/ssl.key/
mv www.rmohan.com.crt /etc/httpd/conf/ssl.crt/
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.key/www.rmohan.com.key
SSLCertificateKeyFile /etc/httpd/conf/ssl.crt/www.rmohan.com.crt
When I at first left a comment I clicked the Notify me when new comments are added checkbox and now every time a remark is added I get four emails with the exact same comment.
i like this it’s a great job, keep it up.