[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Debian-sf-devel] Quick fix to apache-modssl for SF2.6

From: Tim Uckun
Subject: Re: [Debian-sf-devel] Quick fix to apache-modssl for SF2.6
Date: Tue, 29 Jan 2002 10:18:58 -0700

Let me know if you have problems with this recipe... It's still a work
in progress :)

Here is my solution. It's like yours except that I name my keys something other then server.key. I believe that this will help you in case some install script overwrites the default key names. I wrote it as a shell script because I have to use it some much...

How do you stop it from asking for a passphrase every time it starts up??

#1) generate a key for the domain, which goes in /etc/apache/ssl.key
openssl genrsa -des3 -rand $LOGFILES -out /etc/apache/ssl.key/$DOMAIN.key 1024

#2) Generate the csr file
openssl req -new -key /etc/apache/ssl.key/$DOMAIN.key -out /etc/apache/ssl.csr/$DOMAIN.csr

#3) Generate the crt file
openssl x509 -req -days 360 -in /etc/apache/ssl.csr/$DOMAIN.csr -signkey /etc/apache/ssl.key/$DOMAIN.key -out /etc/apache/ssl.crt/$DOMAIN.crt

#Make sure you update your httpd.conf file with
#SSLCertificateFile    /etc/apache/ssl.crt/
#SSLCertificateKeyFile /etc/apache/ssl.key/

Tim Uckun
US Investigations Services/Due Diligence

reply via email to

[Prev in Thread] Current Thread [Next in Thread]