Rui CarmoUsing the stock RedHat Makefile setup:
- Make sure you’ve cleared out older certificates (if any):
sh
# cd /etc/httpd/conf
# rm ssl.key/server.key
# rm ssl.crt/server.crt
- Generate a passwordless server key:
sh
# /usr/bin/openssl genrsa 1024 > /etc/httpd/conf/ssl.key/server.key
# chmod go-rwx /etc/httpd/conf/ssl.key/server.key
- Generate your new certificate (you will be prompted for the usual certificate fields):
```text # make testcert umask 77 ; \ /usr/bin/openssl req -new -key /etc/httpd/conf/ssl.key/server.key -x509 -days 365 -out /etc/httpd/conf/ssl.crt/server.crt Using configuration from /usr/share/ssl/openssl.cnf
You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter ‘.’, the field will be left blank.
Country Name (2 letter code) [GB]:. State or Province Name (full name) [Berkshire]:. Locality Name (eg, city) [Newbury]:. Organization Name (eg, company) [My Company Ltd]:. Organizational Unit Name (eg, section) []:. Common Name (your name or server’s hostname) []:web.local Email Address []:[email protected] ```
- Restart and test:
sh
# /sbin/service httpd restart