Thursday, April 06, 2006

Generating SSL Key

Step one - create the key and request:

# openssl req -new > new.cert.csr

Step two - remove the passphrase from the key (optional):

# openssl rsa -in privkey.pem -out new.cert.key

Step three - convert request into signed cert:

# openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey
new.cert.key -days 365

The Apache-SSL directives that you need to use the resulting cert are:

SSLCertificateFile /path/to/certs/new.cert.cert
SSLCertificateKeyFile /path/to/certs/new.cert.key