Tuesday, January 12, 2016

certificate signing using TLS




# Generate private key 
openssl genrsa -out ca.key 2048 

# Generate CSR 
openssl req -new -key ca.key -out ca.csr

# Generate Self Signed Key
openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt

# Copy the files to the correct locations
cp ca.crt /etc/pki/tls/certs
cp ca.key /etc/pki/tls/private/ca.key
cp ca.csr /etc/pki/tls/private/ca.csr
 
 
/etc/httpd/conf.d/ssl.conf 
SSLCertificateFile /etc/pki/tls/certs/ca.crt 
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
 
httpd restart
 
 
open in browser like : https:// 
 
This is working through 443 port number (Refer  /etc/httpd/conf.d/ssl.conf  )

There are NO changes required in ( /etc/httpd/conf/httpd.conf )
 
Ref:
https://wiki.centos.org/HowTos/Https

No comments:

Post a Comment