티스토리 뷰

EN/Fedora 18

Fedora 18 SSL Certificates

ServerWorld 2016.04.23 18:55

Fedora 18 SSL Certificates


SSL Certificates

  Create a your server's original SSL Certificate. If you use your server as a business, it had better buy and use a Formal Certificate from Verisign and so on.


[root@www ~]# cd /etc/pki/tls/certs 


[root@www certs]# make server.key 

umask 77 ; \

/usr/bin/openssl genrsa -aes128 2048 > server.key

Generating RSA private key, 2048 bit long modulus

..+++

...+++

e is 65537 (0x10001)

Enter pass phrase:# set passphrase

Verifying - Enter pass phrase:# confirm

# remove passphrase from private key

[root@www certs]# openssl rsa -in server.key -out server.key 

Enter pass phrase for server.key:# passphrase

writing RSA key


[root@www certs]# make server.csr 

umask 77 ; \

/usr/bin/openssl req -utf8 -new -key server.key -out server.csr

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [XX]:JP# country

State or Province Name (full name) []:Hiroshima   # state

Locality Name (eg, city) [Default City]:Hiroshima# city

Organization Name (eg, company) [Default Company Ltd]:GTS   # company

Organizational Unit Name (eg, section) []:Server World   # department

Common Name (eg, your name or your server's hostname) []:www.server.world   # server's FQDN

Email Address []:xxx@server.world# email address



Please enter the following 'extra' attributes

to be sent with your certificate request

A challenge password []:# Enter

An optional company name []:# Enter


[root@www certs]# openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 3650

Signature ok

subject=/C=JP/ST=Hiroshima/L=Hiroshima/O=GTS/OU=Server World/CN=www.server.world/emailAddress=xxx@server.world

Getting Private key


[root@www certs]# chmod 400 server.*

저작자 표시 비영리 변경 금지
신고

'EN > Fedora 18' 카테고리의 다른 글

Fedora 18 Clamav - Anti-Virus  (0) 2016.04.23
Fedora 18 SSL Certificates  (0) 2016.04.23
Fedora 18 Set Hostname  (0) 2016.04.23
Fedora 18 Set keymap  (0) 2016.04.23
Fedora 18 Set keymap  (0) 2016.04.23
Fedora 18 Set time-zone  (0) 2016.04.23
댓글