Difference between revisions of "SSL certifiate installation Debian"
From Tech
Jump to navigationJump to search (Created page with "* [http://danieljamesscott.org/10-articles/configuration-guides/21-ssl-certificate-csr-generation.html] cd /etc mv certs certs-old mkdir certs cd /etc/certs openssl genrsa -…") |
|||
| (5 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | Generate the Certificet Singing Request (.csr) and the ssl.key file: |
||
* [http://danieljamesscott.org/10-articles/configuration-guides/21-ssl-certificate-csr-generation.html] |
* [http://danieljamesscott.org/10-articles/configuration-guides/21-ssl-certificate-csr-generation.html] |
||
| − | cd /etc |
+ | cd /etc/apache2/ |
mv certs certs-old |
mv certs certs-old |
||
mkdir certs |
mkdir certs |
||
| − | cd |
+ | cd certs |
openssl genrsa -out ssl.key 2048 |
openssl genrsa -out ssl.key 2048 |
||
chmod 600 ssl.key |
chmod 600 ssl.key |
||
| Line 15: | Line 16: | ||
#Common Name (eg, YOUR name) []:db.uea.org |
#Common Name (eg, YOUR name) []:db.uea.org |
||
#Email Address []:admin@co.uea.org |
#Email Address []:admin@co.uea.org |
||
| + | Give (copy-paste in text input box) the .csr file to the SSL issuing site. |
||
| + | Goddaddy now sends a verification mail, click on the link. |
||
| + | Then (after some clicking) .zip file with the cert can be downloaded (choose Apache) |
||
| + | cd /etc/apache2/certs |
||
| + | unzip /tmp/479d27f667c58.zip |
||
| + | mv 479d27f667c58.crt db.uea.org.crt |
||
| + | cp gd_bundle-g2-g1.crt gd_bundle.crt |
||
| + | ls -l |
||
| + | total 16 |
||
| + | -rw-r--r-- 1 root root 1879 2013-04-12 08:43 db.uea.org.crt |
||
| + | -rw-r--r-- 1 root root 1135 2013-04-12 17:28 db.uea.org.csr |
||
| + | -rw-r--r-- 1 root root 3197 2013-04-12 08:43 gd_bundle.crt |
||
| + | -rw-r--r-- 1 root root 3197 2013-04-12 08:43 gd_bundle-g2-g1.crt |
||
| + | -rw------- 1 www-data www-data 1675 2013-04-12 17:20 ssl.key |
||
| + | |||
| + | cd /etc/apache2/sites-available |
||
| + | vi default-ssl |
||
| + | ##-> |
||
| + | SSLCACertificateFile /etc/apache2/certs/gd_bundle.crt |
||
| + | SSLCertificateFile /etc/apache2/certs/db.uea.org.crt |
||
| + | SSLCertificateKeyFile /etc/apache2/certs/ssl.key |
||
| + | ##-> |
||
Latest revision as of 22:47, 10 April 2014
Generate the Certificet Singing Request (.csr) and the ssl.key file:
cd /etc/apache2/ mv certs certs-old mkdir certs cd certs openssl genrsa -out ssl.key 2048 chmod 600 ssl.key chown www-data:www-data ssl.key openssl req -new -key ssl.key -out db.uea.org.csr #Country Name (2 letter code) [AU]:NL #State or Province Name (full name) [Some-State]:Zuid Holland #Locality Name (eg, city) []:Rotterdam #Organization Name (eg, company) [Internet Widgits Pty Ltd]:Universala Esperanto Asocio #Organizational Unit Name (eg, section) []:Centra Oficejo #Common Name (eg, YOUR name) []:db.uea.org #Email Address []:admin@co.uea.org
Give (copy-paste in text input box) the .csr file to the SSL issuing site. Goddaddy now sends a verification mail, click on the link. Then (after some clicking) .zip file with the cert can be downloaded (choose Apache)
cd /etc/apache2/certs unzip /tmp/479d27f667c58.zip mv 479d27f667c58.crt db.uea.org.crt cp gd_bundle-g2-g1.crt gd_bundle.crt ls -l total 16 -rw-r--r-- 1 root root 1879 2013-04-12 08:43 db.uea.org.crt -rw-r--r-- 1 root root 1135 2013-04-12 17:28 db.uea.org.csr -rw-r--r-- 1 root root 3197 2013-04-12 08:43 gd_bundle.crt -rw-r--r-- 1 root root 3197 2013-04-12 08:43 gd_bundle-g2-g1.crt -rw------- 1 www-data www-data 1675 2013-04-12 17:20 ssl.key
cd /etc/apache2/sites-available vi default-ssl ##-> SSLCACertificateFile /etc/apache2/certs/gd_bundle.crt SSLCertificateFile /etc/apache2/certs/db.uea.org.crt SSLCertificateKeyFile /etc/apache2/certs/ssl.key ##->
