Académique Documents
Professionnel Documents
Culture Documents
cd /etc/ssl/private
root@dlp:/etc/ssl/private#
openssl genrsa -aes128 -out server.key 2048
root@dlp:/etc/ssl/private#
openssl rsa -in server.key -out server.key
# country
# state
# city
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
GTS
# company
# department
# server's FQDN
# email address
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
root@dlp:/etc/ssl/private#
openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 3650
Signature ok
subject=/C=JP/ST=Hiroshima/L=Hiroshima/O=GTS/OU=Server
World/CN=dlp.srv.world/emailAddress=xxx@srv.world
Getting Private key
root@www:~#
vi /etc/apache2/sites-available/default-ssl.conf
# line 3: change admin email
ServerAdmin
webmaster@srv.world
# line 32,33: change to the one created above
SSLCertificateFile
/etc/ssl/private/server.crt
SSLCertificateKeyFile
/etc/ssl/private/server.key
root@www:~#
a2ensite default-ssl
root@www:~#
a2enmod ssl
root@www:~#
systemctl restart apache2
Access to the test page from a client computer with a Web browser via HTTPS. The examample
below is the Firefox. Following screen is shown because Certificates is self-signed one, but it's no
ploblem, Proceed to next.