/var/log/salman

Posts Tagged ‘openssl’

Self Signed SSL Certificate

Tuesday, June 3rd, 2008

Berikut ini adalah langkah-langkah agar apache+ssl dapat otomatis restart tanpa harus mengisi pass phrase-nya.

1. Generate Private Key
#openssl genrsa -des3 -out server.key 1024

2. Generate CSR
#openssl req -new -key server.key -out server.csr

3. Remove pass phrase from key
#cp server.key server.key.org
#openssl rsa -in server.key.org -out server.key

4. Generate Self Signed Certificate
#openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

5. Installing Private Key and Certificate
#cp server.crt /usr/local/apache/conf/ssl.crt
#cp server.key /usr/local/apache/conf/ssl.key

6. Configuring SSL Enabled Virtual Hosts
SSLEngine on
SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
SetEnvIf User-Agent “.*MSIE.*” nokeepalive ssl-unclean-shutdown
CustomLog logs/ssl_request_log \
“%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \”%r\” %b”

7. Restart Apache
# apachectl restart

Tags: apache, openssl, pass phrase, private key, rsa, ssl
Posted in *nix | No Comments »

Posts Tagged ‘openssl’

Self Signed SSL Certificate

Pages

Archives

Categories