Monday, November 18, 2013

Generate CSR & Install SSL Certificate on Linux Server

It's a 2-step process -

Step 1 - Create the CSR file, send it, and receive your SSL cert from your authority of choice -

Start with the command below in a terminal -

openssl req -nodes -newkey rsa:2048 -keyout domain.key -out domain.csr



Then fill out the requested information below. For the State, use the full name, not an abbreviation. The Organization Name should be a publicly verifiable name (such as is listed on bank statements, bills, taxes, etc). The common name is the domain for which the SSL is being issued. For example, if you’re ordering an SSL for domain.com, then the name would be domain.com. If you’re ordering an SSL for www.domain.com, then the name would be www.domain.com.
You may choose to leave the email address and challenge password blank by simply hitting return when prompted.

Generating a 2048 bit RSA private key
………..+++
………………………..+++
writing new private key to 'domain.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:US
State or Province Name (full name) [Berkshire]:Delaware
Locality Name (eg, city) [Newbury]:Newark
Organization Name (eg, company) [My Company Ltd]:My Company Name
Organizational Unit Name (eg, section) []:Security
Common Name (eg, your name or your server's hostname) []:www.domain.com
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

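Once the form is filled out, two files will be created in the directory in which the command was run. The file domain.csr contains the CSR, which you will need to provide to the SSL issuer. The file domain.key is the private key; because of -nodes it is written unencrypted, so keep it on the server and do not send it to the issuer.

Step 2 - From receiving your SSL cert from your authority of choice to installing it in Apache -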

When you receive your SSL certificate from your authority, upload it to your server and place it in ~/domain.com.ssl/domain.com.crt
  • Copy the certificate, key, and CSR into the Apache server directory in which you plan to store your certificates (by default: /usr/local/apache/conf/ssl.crt/ or /etc/httpd/conf/ssl.crt/).
Update the iptables entry to allow SSL port 443 with the rule below -

-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT

Restart apache - service httpd restart

Restart iptables - service iptables restart
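
Added example (not part of the original post): a non-interactive version of the Step 1 command plus a check, worth running before the Apache restart, that the CSR and the issued certificate carry the same public key as domain.key. The function names and the subject string are assumptions, and the demo self-signs a throwaway certificate in place of the one from your authority.

```shell
#!/bin/sh
# Added example. File names domain.key/domain.csr follow the post; the function
# names are hypothetical and the subject values are constructed sample data.

# Step 1 without prompts: -subj supplies the Distinguished Name fields.
# -nodes writes the private key unencrypted, so create it owner-only (umask 077).
make_csr() {            # make_csr <key-out> <csr-out> <subject>
    ( umask 077
      openssl req -nodes -newkey rsa:2048 -keyout "$1" -out "$2" -subj "$3" 2>/dev/null )
}

# Print the PEM public key held in a private key, CSR or certificate.
pubkey_of() {           # pubkey_of key|csr|crt <file>
    case "$1" in
        key) openssl pkey -in "$2" -pubout ;;
        csr) openssl req  -in "$2" -noout -pubkey ;;
        crt) openssl x509 -in "$2" -noout -pubkey ;;
        *)   return 2 ;;
    esac 2>/dev/null
}

# Step 2 pre-install check: returns 0 if <file> carries the same public key as
# <key>, 1 if it does not, 2 if either file cannot be read or parsed.
matches_key() {         # matches_key <key> csr|crt <file>
    want=$(pubkey_of key "$1") && got=$(pubkey_of "$2" "$3") || return 2
    [ -n "$want" ] && [ "$want" = "$got" ]
}

# Demo in a scratch directory (runs in a subshell and cleans up after itself).
# The certificate is self-signed only as a stand-in for the CA-issued one.
demo() (
    d=$(mktemp -d) && cd "$d" || exit 1
    trap 'cd / && rm -rf "$d"' EXIT
    make_csr domain.key domain.csr \
        "/C=US/ST=Delaware/L=Newark/O=My Company Name/OU=Security/CN=www.domain.com" || exit 1
    openssl x509 -req -in domain.csr -signkey domain.key -days 1 \
        -out domain.com.crt 2>/dev/null || exit 1
    matches_key domain.key csr domain.csr && matches_key domain.key crt domain.com.crt
)

demo && echo "domain.csr and domain.com.crt match domain.key"
```

If matches_key returns 1 for the certificate you received, it was issued for a different key than the one on the server, and Apache will refuse to start with that pair.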


