Re: renewing a certificate

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Melanie Pfefer wrote:
> Hi ,
> 
> I created the .pem file using keytool
> 
> keytool -export -alias tomcat -rfc > tomcat.pem
> 
> and then moved this file to apache directory and ran c_rehash  /usr/local/apache/conf/ssl
> 
> this created a link file cc5d41ae.0 -> tomcat.pem
> 
> what are the missing steps to create the server.key and server.crt on apache using openssl?

from the openssl howto (http://www.openssl.org/docs/HOWTO/)

openssl genrsa -des3 -out privkey.pem 2048

will make a private key (privkey.pem) encrypted with a passphrase, if
you dont' want the passphrase leave the '-des3' bit out

to make a certificate:

openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095

this will make a self-signed certificate using the previously created key.


Davide

-- 
I used to be interested in Windows NT, but the more I see of it the more
it looks like traditional Windows with a stabler kernel. I don't find
anything technically interesting there. In my opinion MS is a lot better
at making money than it is at making good operating systems.
   -- Linus Torvalds

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux