SSL setup quickstart

create server's RSA private key
openssl genrsa -des3 -out server.key 1024
create a certificate signing request
don't forget to put FQDN when asked for Common Name
openssl req -new -key server.key -out server.csr
sign the request
if the first time, prepare own CA (http://www.modssl.org/docs/2.8/ssl_faq.html#cert-ownca)
- create CA's RSA private key
  openssl genrsa -des3 -out ca.key 1024
- create self signed CA certificate
  openssl req -new -x509 -days 365 -key ca.key -out ca.crt
otherwise, sign the certificate request using existing ca.crt
sh /usr/share/doc/libapache-mod-ssl/examples/sign.sh /path/to/server.csr
signed certificate will be placed into the same directory as server.csr, named server.crt
install signed certificate

Checking

see details of key
openssl rsa -noout -text -in server.key
see details of certificate signing request
openssl req -noout -text -in server.csr
see details of certificate
openssl x509 -noout -text -in server.crt

Debug

$Id: ssl.html,v 1.3 2001/04/16 10:07:06 andika Exp andika $