Archive for Apr 17, 2012

SSL Certificate For The Server

SSL Certificate Installation

SSL Certificate Installation (SSL)


Create your server's original SSL Certificate. If you use your server as a business, it had better buy and use a Formal Certificate from Verisign and so on.

This involves 2 steps : SSL Certificate Creation and Httpd configuration.

Step 1 : SSL Cert Creation

  • Here are some steps shown by means of pictures you can run those commands to install self signed certificate on your server -
  • Run,           # cd /etc/pki/tls/certs  
  • Then use,  #  make server2.key

Then enter any password that it will prompt for.

  • Next use this command,  # openssl rsa -in server2.key -out server2.key
           Then again it will ask for some password again reenter it.

  • Then use, # make server2.csr
           This will then generate the Certificate Signing Reqest.

           Then it will ask you some information like Country Name, State, City etc.

           Email Address of the responsible person, Server Name (FQDN) etc.

          Then atlast it will again ask you for the password then give the same.

  • Then use these commands,
 #  openssl x509 -in server2.csr -out server2.crt -req -signkey server2.key -days 3650
 #  chmod 400 server.*     

Step 2 : Httpd Configuration :

  • First Install mod_ssl,
         # yum install mod_ssl -y

  • Then Edit, # vi  /etc/httpd/conf.d/ssl.conf
          # uncomment line # 84 “Document Root - /var/www/html”

         # uncomment line, specify server name # 85 “Server Name and port no.”

        # line 112 : specify certificate
“SSL Certificate File - /etc/pki/tls/certs/server2.crt”

       # line 119 : specify cert key
“SSL Cert Key File - /etc/pki/tls/certs/server2.key”

  • Then Restart, # /etc/rc.d/init.d/httpd restart

Access to the test page with https. Following window is shown because Certification File is made by yourdelf, it's no ploblem, Click Ok to proceed. 


Just Installed SSL Certificate For The Domain

Installed SSL Certificate

Install your server certificate on your pc and then safely access to your server.