Tuesday, January 22, 2013

How to generate a self-signed certificate on Apache Web Server (2.2)



Step 1:

- Download an Apache build that bundles OpenSSL in the same package. You can get one from http://www.apachelounge.com/download/
- Open a command prompt and browse to the "APACHE_HOME\bin" folder.
- Follow the steps as shown below:

1. Generate private key
openssl genrsa -des3 -out "[CERTIFICATE_FOLDER]\server.key" 1024

2. Generate CSR
openssl req -new -key "[CERTIFICATE_FOLDER]\server.key" -config "[APACHE_HOME]\conf\openssl.cnf" -out "[CERTIFICATE_FOLDER]\server.csr"

3. Back up the private key, then strip the passphrase. After the second command, server.key no longer has a passphrase
copy "[CERTIFICATE_FOLDER]\server.key" "[CERTIFICATE_FOLDER]\server.key.org"
openssl rsa -in "[CERTIFICATE_FOLDER]\server.key.org" -out "[CERTIFICATE_FOLDER]\server.key"

4. Generate the certificate
openssl x509 -req -days 365 -in "[CERTIFICATE_FOLDER]\server.csr" -signkey "[CERTIFICATE_FOLDER]\server.key" -out "[CERTIFICATE_FOLDER]\server.crt"


Step 2:

- Go to the "APACHE_HOME\conf" folder and open httpd.conf.
- Uncomment the following lines:
LoadModule ssl_module modules/mod_ssl.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so

Include conf/extra/httpd-vhosts.conf
Include conf/extra/httpd-ssl.conf


Step 3:


- Go to the "APACHE_HOME\conf\extra" folder, open httpd-ssl.conf and set the certificate and key paths:

SSLCertificateFile "[CERTIFICATE_FOLDER]\server.crt"
SSLCertificateKeyFile "[CERTIFICATE_FOLDER]\server.key"

Tip:
To check the Apache configuration, open a Windows command prompt, browse to the "APACHE_HOME\bin" folder and run the command "httpd -S".

Step 4:

- Go to the "APACHE_HOME\conf\extra" folder, open httpd-vhosts.conf and edit the values in both virtual host configurations:

<VirtualHost *:80>
    ServerAdmin webmaster@dummy-host2.example.com
    DocumentRoot "[APACHE_HOME]\htdocs"
    ServerName dummy-host2.example.com
    ServerAlias www.dummy-host2.example.com
    ErrorLog "logs/dummy-host2.example.com-error.log"
    CustomLog "logs/dummy-host2.example.com-access.log" common
</VirtualHost>

<VirtualHost *:443>
    ServerAdmin webmaster@dummy-host2.example.com
    DocumentRoot "[APACHE_HOME]\htdocs"
    ServerName dummy-host2.example.com
    ServerAlias www.dummy-host2.example.com

    ErrorLog "logs/dummy-host2.example.com-error.log"
    CustomLog "logs/dummy-host2.example.com-access.log" common

    SSLEngine on
    SSLCipherSuite HIGH:!aNULL:!MD5
    SSLCertificateFile "[CERTIFICATE_FOLDER]\server.crt"
    SSLCertificateKeyFile "[CERTIFICATE_FOLDER]\server.key"
</VirtualHost>
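
To confirm that the files from Step 1 are what Steps 3 and 4 expect (an unencrypted server.key whose public half is the one inside server.crt), the check below can be run before restarting Apache. It is an added example, not part of the original post, written for a POSIX shell with openssl on the PATH. The function name, return codes and the 2048-bit default minimum are assumptions of this example; with that default, the 1024-bit key from the command in Step 1 is reported as too short.

```shell
#!/bin/sh
# Added example: check the files from Step 1 before pointing Apache at them.
# Usage: check_cert_pair KEY CRT [MIN_BITS]
# Return codes (this example's own convention): 0 ok, 1 key unreadable or still
# passphrase-protected, 2 key/certificate mismatch, 3 key too short, 4 expired.
check_cert_pair() {
    key=$1 crt=$2 min_bits=${3:-2048}   # 2048 default is an assumption

    # Both PEM encodings of an encrypted key announce it in a header line.
    if grep -q -e 'Proc-Type: 4,ENCRYPTED' \
               -e 'BEGIN ENCRYPTED PRIVATE KEY' "$key"; then
        echo "FAIL: $key is still passphrase-protected" >&2
        return 1
    fi

    # An RSA key and a certificate belong together only if the moduli match.
    key_mod=$(openssl rsa -in "$key" -noout -modulus) || return 1
    crt_mod=$(openssl x509 -in "$crt" -noout -modulus) || return 2
    if [ "$key_mod" != "$crt_mod" ]; then
        echo "FAIL: $crt does not contain the public key of $key" >&2
        return 2
    fi

    # Output is "Modulus=<hex>"; each hex digit of the modulus is 4 bits.
    hex=${key_mod#Modulus=}
    bits=$(( ${#hex} * 4 ))
    if [ "$bits" -lt "$min_bits" ]; then
        echo "FAIL: RSA key is $bits bits, minimum is $min_bits" >&2
        return 3
    fi

    # -checkend 0 exits non-zero when the certificate has already expired.
    if ! openssl x509 -in "$crt" -noout -checkend 0 >/dev/null; then
        echo "FAIL: $crt has expired" >&2
        return 4
    fi
    echo "OK: $bits-bit key matches $crt"
}

# Run as a script: sh check_cert_pair.sh server.key server.crt
if [ "$#" -ge 2 ]; then
    check_cert_pair "$@"
fi
```

The same `openssl rsa -noout -modulus` and `openssl x509 -noout -modulus` commands can be typed at the Windows command prompt from "APACHE_HOME\bin" and their output compared by eye.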
