There are just a few quick and easy steps to generate a certificate without a passphrase for Apache. First you have to generate a key for your host:
[root@heimdull]# openssl genrsa 1024 > host.keyGenerating RSA private key, 1024 bit long modulus..........................................++++++.........++++++e is 65537 (0x10001)Generating RSA private key, 1024 bit long modulus............. .............................++++++.........++++++e is 65537 (0x10001)
Now you have your host key file that you will use in the Apache configuration file and to generate the actual certificate
[root@heimdull]# openssl req -new -x509 -nodes -sha1 -days 365 -key host.key > host.crt You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [GB]:GB State or Province Name (full name) [Berkshire]:Berkshire Locality Name (eg, city) [Newbury]: Newbury Organization Name (eg, company) [My Company Ltd]:My Company Ltd Organizational Unit Name (eg, section) []: Common Name (eg, your name or your server's hostname) []:www.myserver.com Email Address []:
Now you have to move these files somewhere that is related to you Apache installation and in your httpd.conf or httpd-ssl.conf file you will need these lines:
SSLEngine on SSLCertificateFile /Apache-home/ssl/host.crt SSLCertificateKeyFile /Apache-home/ssl/host.key
Advertisement
