HOWTO: Apache SSL in a nutshell

Using the stock Makefile setup:

1. Make sure you've cleared out older certificates (if any):

# cd /etc/httpd/conf
# rm ssl.key/server.key
# rm ssl.crt/server.crt

2. Generate a passwordless server key:

# /usr/bin/openssl genrsa 1024 > /etc/httpd/conf/ssl.key/server.key
# chmod go-rwx /etc/httpd/conf/ssl.key/server.key

3. Generate your new certificate (you will be prompted for the usual certificate fields):

# make testcert
umask 77 ; \
/usr/bin/openssl req -new -key /etc/httpd/conf/ssl.key/server.key -x509 -days 365 -out /etc/httpd/conf/ssl.crt/server.crt
Using configuration from /usr/share/ssl/openssl.cnf

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:.
State or Province Name (full name) [Berkshire]:.
Locality Name (eg, city) [Newbury]:.
Organization Name (eg, company) [My Company Ltd]:.
Organizational Unit Name (eg, section) []:.
Common Name (your name or server's hostname) []:web.local
Email Address []:[email protected]

4. Restart and test:

# /sbin/service httpd restart
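
A check that can be run between steps 3 and 4, as an added example that is not part of the original HOWTO: it confirms that the key is accessible only to its owner, that the certificate was issued for that key, that it has not expired, and that its Common Name is the expected hostname. The function names and the 2048-bit throwaway pair built by `make_sample_pair` are assumptions of this example.

```shell
#!/bin/sh
# Added example, not part of the original HOWTO.
# check_pair KEY CRT HOSTNAME: returns 0 only if every check passes.
check_pair() {
    key=$1; crt=$2; want_cn=$3; rc=0

    # The key has no passphrase, so file permissions are its only protection:
    # group and other must have no access (mode columns 5-10 all '-').
    mode=$(ls -ld "$key" 2>/dev/null | cut -c5-10)
    [ "$mode" = "------" ] || { echo "FAIL: $key is open to group/other"; rc=1; }

    # Key and certificate must share one RSA modulus; a leftover file from an
    # earlier run (step 1 not done) shows up here as a mismatch.
    kmod=$(openssl rsa -in "$key" -noout -modulus 2>/dev/null)
    cmod=$(openssl x509 -in "$crt" -noout -modulus 2>/dev/null)
    [ -n "$kmod" ] && [ "$kmod" = "$cmod" ] ||
        { echo "FAIL: $crt was not issued for $key"; rc=1; }

    # -checkend 0 fails if the certificate has already expired.
    openssl x509 -in "$crt" -noout -checkend 0 >/dev/null 2>&1 ||
        { echo "FAIL: $crt is expired or unreadable"; rc=1; }

    # The Common Name must be the hostname clients connect to.
    subj=$(openssl x509 -in "$crt" -noout -subject -nameopt RFC2253 2>/dev/null)
    case "$subj" in
        *"CN=$want_cn" | *"CN=$want_cn,"*) ;;
        *) echo "FAIL: Common Name is not $want_cn"; rc=1 ;;
    esac

    [ "$rc" -eq 0 ] && echo "OK: $key and $crt are consistent"
    return "$rc"
}

# Constructed sample input: a throwaway key and self-signed certificate in
# directory $1 with Common Name $2 (2048 bits is this example's choice).
make_sample_pair() {
    openssl genrsa -out "$1/server.key" 2048 2>/dev/null &&
    chmod go-rwx "$1/server.key" &&
    openssl req -new -x509 -key "$1/server.key" -days 365 \
        -subj "/CN=$2" -out "$1/server.crt" 2>/dev/null
}
```

On the server from this HOWTO the call would be `check_pair /etc/httpd/conf/ssl.key/server.key /etc/httpd/conf/ssl.crt/server.crt web.local`, run as root before the restart.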
