[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Debian-sf-devel] Quick fix to apache-modssl for SF2.6
|
From: |
Tim Uckun |
|
Subject: |
Re: [Debian-sf-devel] Quick fix to apache-modssl for SF2.6 |
|
Date: |
Tue, 29 Jan 2002 10:18:58 -0700 |
Let me know if you have problems with this recipe... It's still a work
in progress :)
Here is my solution. It's like yours except that I name my keys something
other then server.key. I believe that this will help you in case some
install script overwrites the default key names. I wrote it as a shell
script because I have to use it some much...
How do you stop it from asking for a passphrase every time it starts up??
DOMAIN=virtualhost.com
LOGFILES=/var/log/apache/access.log.0:/var/log/syslog:/var/log/wtmp:/var/log/lastlog:/var/log/auth.log.0
#1) generate a key for the domain, which goes in /etc/apache/ssl.key
openssl genrsa -des3 -rand $LOGFILES -out /etc/apache/ssl.key/$DOMAIN.key 1024
#2) Generate the csr file
openssl req -new -key
/etc/apache/ssl.key/$DOMAIN.key -out /etc/apache/ssl.csr/$DOMAIN.csr
#3) Generate the crt file
openssl x509 -req -days 360 -in /etc/apache/ssl.csr/$DOMAIN.csr -signkey
/etc/apache/ssl.key/$DOMAIN.key -out /etc/apache/ssl.crt/$DOMAIN.crt
#Make sure you update your httpd.conf file with
#SSLCertificateFile /etc/apache/ssl.crt/www.virtualhost.com.crt
#SSLCertificateKeyFile /etc/apache/ssl.key/www.virtualhost.com.key
:wq
Tim Uckun
US Investigations Services/Due Diligence
http://www.diligence.com/