June 13, 2007

Apache SSL

Notes on creating an apache SSL cert

Create CA :
openssl genrsa -des3 -out ca.key 4096
openssl req -new -x509 -days 365 -key ca.key -out ca.crt

Gen Server Key :
openssl genrsa -des3 -out server.key 4096

Gen Cert Request :
openssl req -new -key server.key -out server.csr
Sign the CA :
openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt

Create a decrypted key to avoid  prompt when apache starts :
openssl rsa -in server.key -out server.pem
http://www.tc.umn.edu/~brams006/selfsign.html