 |
 |
 |
Building Apache |  |
 |
|
|
|
Building Apache | |
|
If one does not want a CA to sign their certificate, or for testing purposes, a self-signed certificate can be generated. The disadvantage to this is that the end user, when visiting the SSL enabled site, will be warned by their browser that the certificate could not be verified. However, the end user will still be able to continue onto the secure site after bypassing the error. For personal sites, or internal sites, this method is the cheapest and works.
The following will generate a certificate valid for 1 year and place the resulting certificate in the file, server.crt.
# openssl req -new -key server.key -x509 -days 365 -out server.crt
As in the above section, one will have to enter in details about the security certificate. Again, it is absolutely essential that one specifies the domain name that the certificate is being created for under Common Name (eg. YOUR name) (for example, www.servername.com). Again, keep these keys in a safe location, in addition to the server itself.
|
|
|
Building Apache | |
|