- Create the server key (in this example RSA 1024 bit):
openssl genrsa -out host.key 1024 - Make a certificate out of it (it won’t be signed yet):
openssl req -new -key host.key -out host.csr - Create your CA certificate (will be valid for a year):
openssl req -new -x509 -days 365 -key host.key -out host.crt
Copy info from host.crt and plug it into website of cacert. It will create text you will put in a .csr file
Create the .csr file in the /etc/apache2/ssl area, in this case I called it my host name m1box.csr.
cp host.key m1box.key
Enable the SSL module
sudo a2enmod ssl
Listen to port 443
echo "Listen 443" | sudo tee -a /etc/apache2/ports.conf
Create and enable the SSL site
sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl
Modify it so it looks something like this
NameVirtualHost *:443
<virtualhost *:443>
ServerAdmin webmaster@localhost
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/m1box.csr
SSLCertificateKeyFile /etc/apache2/ssl/m1box.key
…and enable it
sudo a2ensite ssl
don’t forget to modify /etc/apache2/sites-available/default
NameVirtualHost *:80 <virtualhost *:80>
0 Responses
Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.
You must be logged in to post a comment.