Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
wiki:ssl_cert [2010/05/02 15:24] – rgareus | wiki:ssl_cert [2013/06/02 15:45] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Line 20: | Line 20: | ||
openssl x509 -req -days 365 -in $SERVER.csr -CA $CA.crt -CAkey $CA.key -set_serial 01 -out $SERVER.crt | openssl x509 -req -days 365 -in $SERVER.csr -CA $CA.crt -CAkey $CA.key -set_serial 01 -out $SERVER.crt | ||
- | more information at %%http:// | + | and pass the CRT (signed server certificate) back to you.. |
+ | |||
+ | You'll want to unlock server key - so that no password is required when starting the server: | ||
+ | openssl rsa -in $SERVER.key -out $SERVER.key.insecure | ||
+ | mv $SERVER.key $SERVER.key.secure | ||
+ | mv $SERVER.key.insecure $SERVER.key | ||
+ | chmod 0600 $SERVER.key | ||
+ | |||
+ | and edit your apache config adding these: | ||
+ | SSLEngine On | ||
+ | SSLCertificateFile / | ||
+ | SSLCertificateKeyFile / | ||
+ | |||
+ | more information at %%http:// | ||
===== GPG/PGP key signing ===== | ===== GPG/PGP key signing ===== |