mkdir ssl
cd ssl
openssl genrsa -des3 -out ca.key 4096
openssl req -new -x509 -days 3650 -key ca.key -out ca.crt
openssl genrsa -des3 -out server.key 4096
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 3650 -in server.csr -CA ca.crt \
-CAkey ca.key -set_serial 01 -out server.crt
openssl rsa -in server.key -out server.key.insecure
mv server.key server.key.secure
mv server.key.insecure server.key
chmod 600 server.key.secure server.key server.csr server.crt
cp server.crt /etc/apache2/ssl.crt/.
cp server.key /etc/apache2/ssl.key/.
cp server.csr /etc/apache2/ssl.csr/.
cd /etc/apache2/vhosts.d/
cp vhost-ssl.template ssl-fqdn.conf
vi ssl-fqdn.conf (ServerName, ServerAdmin)
service apache2 restart
Comments