BreadCrumbs: OpenSSL

OpenSSL

(Difference between revisions)

Revision as of 04:20, 14 July 2008

Create a RSA private key for your CA (will be Triple-DES encrypted and PEM formatted)

openssl genrsa -des3 -out server.key 1024

You can see the details of this RSA private key via the command:

openssl rsa -noout -text -in ca.key

openssl req -new -key server.key -out server.csr

You can create a decrypted PEM version (not recommended) of this private key via:

openssl rsa -in ca.key -out ca.key.unsecure

If you want to run apache without a password rename it correctly:

mv server.unsecure server.key

Generate apache mod_ssl certificate:

openssl x509 -req -days 730 -in server.csr -signkey server.key -out server.crt

Verify contents of certificate:

openssl x509 -noout -text -in server.crt

 == Generate Self-Signed Certificate ==
+Create a RSA private key for your CA (will be Triple-DES encrypted and PEM formatted)
  openssl genrsa -des3 -out server.key 1024
+You can see the details of this RSA private key via the command:
+ openssl rsa -noout -text -in ca.key
  openssl req -new -key server.key -out server.csr
- mv server.key server.key.tmp
+You can create a decrypted PEM version (not recommended) of this private key via:
- openssl rsa -in server.key.tmp -out server.key
+ openssl rsa -in ca.key -out ca.key.unsecure
+If you want to run apache without a password rename it correctly:
+ mv server.unsecure server.key
+Generate apache mod_ssl certificate:
  openssl x509 -req -days 730 -in server.csr -signkey server.key -out server.crt
+Verify contents of certificate:
+ openssl x509 -noout -text -in server.crt