which commands do you use to SSL certify your own server?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Hello,

I am going to build an email server on Centos for a small,
private group of users and I just want to encrypt all
communications between that server and the (remote) email
clients of those users (or they browsers, when they use
webmail). Client certificates are not necessary, at least
now.

I understand that to do that I need to create my own SSL CA,
create with it a self signed certificate and key pair and make sure
that the private key is not encrypted, so the server restarts
unattended in case of a reboot.

I have already looked at man pages and a few online tutorials,
but frankly they are not clear on what to do to achieve all
and _only_ what I wrote above. Most documentation, when not
outdated, seems targeted at much more complex scenarions.

Is this sequence of actions and commands correct and complete
for my case, or not:

1) cd /usr/share/ssl
2) modify openssl.cnf to have your Common Name and other parameters
3) run:
      ./CA -newca
      ./CA -newreq-nodes
4) move the private key from the .pem file to a separate file
5) put the cert and key file in a location where Postfix,
6) Dovecot and Apache can all use them
7) configure each of those servers to use the certificate

What have I missed?

Thank you in advance for any feedback (I'll have access
to the server only over the weekend, but it would be great
to have this issue as clear as possible before starting...)

Marco

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux