Uživatelské nástroje

Nástroje pro tento web


rapidssl

Rozdíly

Zde můžete vidět rozdíly mezi vybranou verzí a aktuální verzí dané stránky.


Předchozí verze
rapidssl [2023/12/26 19:13] (aktuální) – upraveno mimo DokuWiki 127.0.0.1
Řádek 1: Řádek 1:
 +====== RapidSSL ======
  
 +  * https://www.sslmarket.cz
 +  * https://www.ssls.cz/
 +
 +Pořízení SSL certifikátu a nasazení na CentOS 6.X.
 +
 +https://www.rapidssl.com/buy-ssl/index.html - Secure a single domain with strong encryption in just minutes.
 +===== Vytvoření privátního klíče =====
 +
 +Nastavit si netriviální heslo.
 +
 +<code>
 +shell# openssl genrsa -des3 -out www.isn.cz.key 2048
 +</code>
 +
 +<code>
 +Generating RSA private key, 2048 bit long modulus
 +.............................................+++
 +.............................................+++
 +.............................................+++
 +Enter pass phrase for www.isn.cz.key:
 +Verifying - Enter pass phrase for www.isn.cz.key:
 +</code>
 +===== Vytvoření CSR klíče =====
 +
 +<code>
 +shell# openssl req -new -key www.isn.cz.key -out www.isn.cz.csr
 +</code>
 +
 +<code>
 +Enter pass phrase for www.isn.cz.key:
 +You are about to be asked to enter information that will be incorporated
 +into your certificate request.
 +What you are about to enter is what is called a Distinguished Name or a DN.
 +There are quite a few fields but you can leave some blank
 +For some fields there will be a default value,
 +If you enter '.', the field will be left blank.
 +-----
 +Country Name (2 letter code) [XX]:CZ
 +State or Province Name (full name) []:Czech Republic
 +Locality Name (eg, city) [Default City]:Mlada Boleslav
 +Organization Name (eg, company) [Default Company Ltd]:ISN.CZ
 +Organizational Unit Name (eg, section) []:
 +Common Name (eg, your name or your server's hostname) []:www.isn.cz
 +Email Address []: postmaster@isn.cz
 +
 +Please enter the following 'extra' attributes
 +to be sent with your certificate request
 +A challenge password []:
 +An optional company name []:
 +</code>
 +
 +===== Export privátního klíče bez hesla =====
 +
 +Pro automatické spuštění http serveru.
 +
 +<code>
 +shell# openssl rsa -in www.isn.cz.key -out www.isn.cz-bh.key
 +</code>
 +
 +===== HTTPD =====
 +
 +<code>
 +<VirtualHost *:443>
 +  ServerAdmin postmaster@isn.cz
 +  DocumentRoot /var/www/html
 +  ServerName www.isn.cz
 +  SSLEngine on
 +  SSLCertificateFile /etc/pki/tls/certs/www.isn.cz.crt
 +  SSLCertificateKeyFile /etc/pki/tls/private/www.isn.cz-bh.key
 +  SSLCACertificateFile /etc/httpd/conf/ssl.crt/www.isn.cz.pem
 +  ErrorLog /var/log/httpd/https_isn.cz-error_log
 +  CustomLog /var/log/httpd/https_isn.cz-access_log common
 +</VirtualHost>
 +</code>