Generate certificates:
$ openssl genrsa -des3 -rand rand-seed1.gz:rand-seed2.gz -out server.key 2048
$ openssl rsa -in server.key -out server.pem
$ openssl req -new -key server.key -out server.csr
$ openssl x509 -req -days 180 -in server.csr -signkey server.key -out server.crt
$ # remove password from key file:
$ openssl rsa -in server.key -out server.key.nopass
Apache conf:
SSLEngine on
SSLCertificateFile "/path-to-apache-ssl-folder/server.crt"
#SSLCertificateKeyFile "/path-to-apache-ssl-folder/server.pem"
SSLCertificateKeyFile "/path-to-apache-ssl-folder/server.key"
BrowserMatch "MSIE [2-5]" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
$ openssl genrsa -des3 -rand rand-seed1.gz:rand-seed2.gz -out server.key 2048
$ openssl rsa -in server.key -out server.pem
$ openssl req -new -key server.key -out server.csr
$ openssl x509 -req -days 180 -in server.csr -signkey server.key -out server.crt
$ # remove password from key file:
$ openssl rsa -in server.key -out server.key.nopass
Apache conf:
SSLEngine on
SSLCertificateFile "/path-to-apache-ssl-folder/server.crt"
#SSLCertificateKeyFile "/path-to-apache-ssl-folder/server.pem"
SSLCertificateKeyFile "/path-to-apache-ssl-folder/server.key"
BrowserMatch "MSIE [2-5]" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
No comments:
Post a Comment