Creating an SSL certificate for your Apache webserver

This is my interpretation on setting up a self-signed SSL certificate for an Apache web-server.

The instructions are generic and apply to most versions of Apache on almost any Linux platform.

Firstly, I suggest creating a separate directory to store your SSL certificates e.g.

mkdir /var/www/ssl/mydomain

Now lets browse to the directory we just created:

cd /var/www/ssl/mydomain

We are using the ‘openssl‘ utility to generate our SSL certificate.

Firstly, we create a private key** using:

openssl genrsa -out mydomain.key

Now we generate a certificate signing request or CSR for short using:

openssl rsa -in mydomain.key -out mydomain.csr

Fill in the appropriate fields with relative information….

and, finally create the self-signed certificate using:

openssl x509 -req days 365 -in mydomain.csr -signkey mydomain.key -out mydomain.crt

This creates a selfsigned ‘mydomain.crt’ for 365 days.

**For safety only allow root to read the private key using:

chown root mydomain.key && chmod 600 mydomain.key


Post a comment

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.