- Pacotes necessários:
- mod_ssl
- openssl
- Criando o primeiro certificado (key):
- openssl genrsa -des3 -out www.dominio.com.key 1024
- Informe uma senha para o certificado
- Criando o segundo certificado (csr):
- openssl req -new www.dominio.com.key -out www.dominio.com.key.csr
- Country Name (2 letter code) [GB]:BR
- State or Province Name (full name) [Berkshire]:Ceara
- Locality Name (eg, city) [Newbury]:Fortaleza
- Organization Name (eg, company) [My Company Ltd]:Empresa Ltda
- Organizational Unit Name (eg, section) []:Tecnologia da Informacao
- Common Name (eg, your name or your server's hostname) []: www.dominio.com
- Email Address []:diego@dominio.com
- Please enter the following 'extra' attributes
- to be sent with your certificate request
- A challenge password []:
- An optional company name []:
- Removendo a senha do certificado (key):
- cp www.dominio.com.key www.dominio.com.key.old
- openssl rsa -in www.dominio.com.key.old -out www.dominio.com.key
- Criando o terceiro certificado (crt):
- openssl x509 -req -days 365 -in www.dominio.com.csr -signkey server.key -out www.dominio.com.crt
- Instalando os certificados:
- mv www.dominio.com.key /etc/ssl/private/
- mv www.dominio.com.csr /etc/ssl/private/
- mv www.dominio.com.ctr /etc/ssl/private/
- Configurando o arquivo de configuração apache:
- <IfModule mod_ssl.c>
- Listen 443
- </IfModule>
- <VirtualHost *:443>
- ServerAdmin diego@dominio.com
- ServerName www.dominio.com
- DocumentRoot /usr/local/www/html/
- SSLCertificateFile /etc/ssl/private/www.dominio.com.crt
- SSLCertificateKeyFile /etc/ssl/private/www.dominio.com.key
- SSLEngine On
- </VirtualHost>
- Reinicie o serviço e teste a página
- /etc/init.d/apache restart
- https://www.dominio.com
sexta-feira, 14 de junho de 2013
Configurar Apache com OpenSSL
Assinar:
Postagens (Atom)