How to create an SSL certificate for Apache

This entry was posted by Tuesday, 7 April, 2009
Read the rest of this entry »

Ok heres a script which takes you through the annoying part

#!/bin/sh
SERVER=zeald.com
PRIVATE_KEY=$SERVER.private.key
CERTIFICATE_FILE=$SERVER.crt
SIGNING_REQUEST=$SERVER.signing.request
VALID_DAYS=365
echo Delete old private key
rm $PRIVATE_KEY
echo Create new private/public-keys without passphrase for server
openssl genrsa -out $PRIVATE_KEY 1024
echo Create file for signing request
rm $SIGNING_REQUEST
openssl req -new -days $VALID_DAYS -key $PRIVATE_KEY -out $SIGNING_REQUEST
echo Filename for signing request is: $SIGNING_REQUEST
echo Send the content of the file to the certification authority.
echo For example: Christian Heutger [c.heutger@psw.biz]
echo from http://www.ssl-certs.de
cat $SIGNING_REQUEST
echo You can check this request at
echo https://secure.comodo.net/utilities/decodeCSR.html

now chmod +x create_signing_request.sh

then ./create_signing_request.sh
it will go through asking you information about your company etc. You may need to do this several times to figure out what goes where. Then go to your SSL certificate provider, and use the CSR to request the ssl certificate. It may take an hour or two or even up too a couple days to get your SSL certificate.
Once you have it you need to add into your apache config a couple of lines similar to this

SSLCertificateFile /etc/apache/ssl.crt/yourdomain.crt
SSLCertificateKeyFile /etc/apache/ssl.key/yourdomain.key

Last-Modified: 2008-06-10 13:57:40


Leave a Reply