Home
Step 1 : Generate a private key using openssl
The first step is to create your RSA Private Key which is a 1024 bit RSA key which is encrypted using data encryption standard and stored in a PEM format so that it is readable as ASCII text.
openssl genrsa -des3 -out myserver.key 1024
Step 2 : Generate a certificate signing request (CSR)
Once a private key is generated, CSR can be created with the following command. During the generation of CSR, few question will be prompted.
openssl req -new -key mymachine.key -out mymachine.csr
Step 3 : Disable/Remove passphrase
This step is to remove the passphrase for the private key or else your apache will prompt the password each time the web server started.
cp mymachine.key mymachine.key.org
openssl rsa -in mymachine.key.org -out mymachine.key
Step 4: Generating certificate
This step is to create a cetificate for SSL implementation. Use the command below to create a certificate which will last for 365 days (1 Year).
openssl x509 -req -days 365 -in mymachine.csr -signkey mymachine.key -out mymachine.crt
Step 5: Configure SSL Settings
(A) Configure your ssl.conf in /etc/httpd/conf.d/
Change the value for Servername, SSLCertificateFile, SSLCertificateKeyFile
(B) Configure your SSL settings in httpd.conf
Add the lines below to enable virtual hosting.
Step 6: Restart your apache
/etc/init.d/httpd restart
