Uživatelské nástroje

Nástroje pro tento web


rapidssl

RapidSSL

Pořízení SSL certifikátu a nasazení na CentOS 6.X.

https://www.rapidssl.com/buy-ssl/index.html - Secure a single domain with strong encryption in just minutes.

Vytvoření privátního klíče

Nastavit si netriviální heslo.

shell# openssl genrsa -des3 -out www.isn.cz.key 2048
Generating RSA private key, 2048 bit long modulus
.............................................+++
.............................................+++
.............................................+++
Enter pass phrase for www.isn.cz.key:
Verifying - Enter pass phrase for www.isn.cz.key:

Vytvoření CSR klíče

shell# openssl req -new -key www.isn.cz.key -out www.isn.cz.csr
Enter pass phrase for www.isn.cz.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CZ
State or Province Name (full name) []:Czech Republic
Locality Name (eg, city) [Default City]:Mlada Boleslav
Organization Name (eg, company) [Default Company Ltd]:ISN.CZ
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:www.isn.cz
Email Address []: postmaster@isn.cz

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Export privátního klíče bez hesla

Pro automatické spuštění http serveru.

shell# openssl rsa -in www.isn.cz.key -out www.isn.cz-bh.key

HTTPD

<VirtualHost *:443>
  ServerAdmin postmaster@isn.cz
  DocumentRoot /var/www/html
  ServerName www.isn.cz
  SSLEngine on
  SSLCertificateFile /etc/pki/tls/certs/www.isn.cz.crt
  SSLCertificateKeyFile /etc/pki/tls/private/www.isn.cz-bh.key
  SSLCACertificateFile /etc/httpd/conf/ssl.crt/www.isn.cz.pem
  ErrorLog /var/log/httpd/https_isn.cz-error_log
  CustomLog /var/log/httpd/https_isn.cz-access_log common
</VirtualHost>
rapidssl.txt · Poslední úprava: 2015/09/26 15:57 (upraveno mimo DokuWiki)