add self signed certificate

Here are steps to add a new self-signed certificate.

  1. log into server
  2. run below command

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/<fulldomain>-selfsigned.key -out /etc/ssl/certs/<fulldomain>-selfsigned.crt

  1. while being asked to feed details, make sure to fill QNAME with your full (sub)domain name for which this certificate is going to be used
  2. once certificate is generated, edit /etc/apache2/sites-available/<mysite-config-file>.conf
  3. Link the certificate there as in below:

SSLCertificateKeyFile /etc/ssl/private/<fulldomain>-selfsigned.key

SSLCertficateFile /etc/ssl/private/<fulldomain>-selfsigned.crt

  1. restart apache

sudo /etc/init.d/apache2 restart

Done!

sources

Post a Comment

Your email is never published nor shared. You're allow to say what you want...