Difference between revisions of "Ssl"

From Wasya Wiki
Jump to: navigation, search
(Created page with " From: https://www.namecheap.com/support/knowledgebase/article.aspx/9446/0/apache-opensslmodsslnginx openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr")
 
(Local nginx (or anything))
 
(11 intermediate revisions by the same user not shown)
Line 1: Line 1:
 +
 +
== Generate CSR ==
 +
 +
From: https://www.namecheap.com/support/knowledgebase/article.aspx/9446/14/generating-csr-on-apache--opensslmodsslnginx--heroku/
  
 
From: https://www.namecheap.com/support/knowledgebase/article.aspx/9446/0/apache-opensslmodsslnginx
 
From: https://www.namecheap.com/support/knowledgebase/article.aspx/9446/0/apache-opensslmodsslnginx
 +
 
  openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
 
  openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
 +
 +
Note! For Wildcard certificates, the Common Name should be represented with an asterisk in front (e.g. *.example.com).
 +
 +
  SSLEngine on
 +
  SSLCertificateFile /etc/apache2/ssl/static.piousbox.com/static_piousbox_com.crt
 +
  SSLCertificateKeyFile /etc/apache2/ssl/static.piousbox.com/server.key
 +
  SSLCACertificateFile /etc/apache2/ssl/static.piousbox.com/static_piousbox_com.ca-bundle
 +
 +
Don't forget to chmod +x, the user is www-data, verify with https://www.sslshopper.com/ssl-checker.html#hostname=https://wasya.co/
 +
 +
== Self-signed certificate ==
 +
 +
From: https://www.baeldung.com/openssl-self-signed-cert
 +
 +
  openssl x509 -signkey server.key -in server.csr -req -days 365 -out server.crt
 +
 +
== Local apache ==
 +
From: https://medium.freecodecamp.org/how-to-get-https-working-on-your-local-development-environment-in-5-minutes-7af615770eec
 +
openssl genrsa -des3 -out rootCA.key 2048
 +
openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.pem
 +
 +
== generate rsa public private key ==
 +
 +
openssl genrsa -out privkey.pem 2048
 +
openssl rsa -in private.pem -outform PEM -pubout -out public.pem

Latest revision as of 05:22, 13 March 2024

Generate CSR

From: https://www.namecheap.com/support/knowledgebase/article.aspx/9446/14/generating-csr-on-apache--opensslmodsslnginx--heroku/

From: https://www.namecheap.com/support/knowledgebase/article.aspx/9446/0/apache-opensslmodsslnginx

openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr

Note! For Wildcard certificates, the Common Name should be represented with an asterisk in front (e.g. *.example.com).

 SSLEngine on
 SSLCertificateFile /etc/apache2/ssl/static.piousbox.com/static_piousbox_com.crt
 SSLCertificateKeyFile /etc/apache2/ssl/static.piousbox.com/server.key
 SSLCACertificateFile /etc/apache2/ssl/static.piousbox.com/static_piousbox_com.ca-bundle

Don't forget to chmod +x, the user is www-data, verify with https://www.sslshopper.com/ssl-checker.html#hostname=https://wasya.co/

Self-signed certificate

From: https://www.baeldung.com/openssl-self-signed-cert

 openssl x509 -signkey server.key -in server.csr -req -days 365 -out server.crt

Local apache

From: https://medium.freecodecamp.org/how-to-get-https-working-on-your-local-development-environment-in-5-minutes-7af615770eec

openssl genrsa -des3 -out rootCA.key 2048
openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.pem

generate rsa public private key

openssl genrsa -out privkey.pem 2048
openssl rsa -in private.pem -outform PEM -pubout -out public.pem