rapidssl
Obsah
RapidSSL
Pořízení SSL certifikátu a nasazení na CentOS 6.X.
https://www.rapidssl.com/buy-ssl/index.html - Secure a single domain with strong encryption in just minutes.
Vytvoření privátního klíče
Nastavit si netriviální heslo.
shell# openssl genrsa -des3 -out www.isn.cz.key 2048
Generating RSA private key, 2048 bit long modulus .............................................+++ .............................................+++ .............................................+++ Enter pass phrase for www.isn.cz.key: Verifying - Enter pass phrase for www.isn.cz.key:
Vytvoření CSR klíče
shell# openssl req -new -key www.isn.cz.key -out www.isn.cz.csr
Enter pass phrase for www.isn.cz.key: You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:CZ State or Province Name (full name) []:Czech Republic Locality Name (eg, city) [Default City]:Mlada Boleslav Organization Name (eg, company) [Default Company Ltd]:ISN.CZ Organizational Unit Name (eg, section) []: Common Name (eg, your name or your server's hostname) []:www.isn.cz Email Address []: postmaster@isn.cz Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []:
Export privátního klíče bez hesla
Pro automatické spuštění http serveru.
shell# openssl rsa -in www.isn.cz.key -out www.isn.cz-bh.key
HTTPD
<VirtualHost *:443> ServerAdmin postmaster@isn.cz DocumentRoot /var/www/html ServerName www.isn.cz SSLEngine on SSLCertificateFile /etc/pki/tls/certs/www.isn.cz.crt SSLCertificateKeyFile /etc/pki/tls/private/www.isn.cz-bh.key SSLCACertificateFile /etc/httpd/conf/ssl.crt/www.isn.cz.pem ErrorLog /var/log/httpd/https_isn.cz-error_log CustomLog /var/log/httpd/https_isn.cz-access_log common </VirtualHost>
rapidssl.txt · Poslední úprava: 2023/12/26 19:13 autor: 127.0.0.1