Home
Products
SupportGenerating a CSR on Zope with Linux
# SSL installation and configuration
#--Instructions on how to enable SSL on a Linux server.
#--Instructions and directory locations below are specific to Redhat Enterprise 3.0 installation
#--For other linux distributions, refer to their documentation.
#--remove temporary keys that were created at Linux install
#--The first method requires you to create a password. You will need to remember and type this EVERY time you
#--restart the (Apache) web server. This makes the server very secure and is recommended.
#--The second method creates a key that will not require a password when the web server is started.
#--first method...type the following command. It will ask you to type-in a (case-sensitive) password (twice).
#--Remember this password forever.
#--second method...no passwords required
# (A) Create Test SSL certificate
#--change directory and create cert. If you have chosen the password option above, you will be asked for it.
#--change directory and create cert request. If you have chosen the password option above, you will be asked for it.
#--Follow the instructions on the CA website to send certificate request
#--Instructions on how to enable SSL on a Linux server.
#--Instructions and directory locations below are specific to Redhat Enterprise 3.0 installation
#--For other linux distributions, refer to their documentation.
#--remove temporary keys that were created at Linux install
rm /etc/httpd/conf/ssl.key/server.key
rm /etc/httpd/conf/ssl.crt/server.crt
#--create key and set permissions. There are two ways of doing this. #--The first method requires you to create a password. You will need to remember and type this EVERY time you
#--restart the (Apache) web server. This makes the server very secure and is recommended.
#--The second method creates a key that will not require a password when the web server is started.
#--first method...type the following command. It will ask you to type-in a (case-sensitive) password (twice).
#--Remember this password forever.
make genkey #--second method...no passwords required
/usr/bin/openssl genrsa 1024 > /etc/httpd/conf/ssl.key/server.key
chmod go-rwx /etc/httpd/conf/ssl.key/server.key
#--You can now create a TEST cert (item A below) or an ACTUAL cert request (item B) # (A) Create Test SSL certificate
#--change directory and create cert. If you have chosen the password option above, you will be asked for it.
cd /usr/share/ssl/certs
make testcert
#--Enter your company specific details Country Name (2 letter code) [GB]:US
State or Province Name (full name) [Berkshire]:California
Locality Name (eg, city) [Newbury]:Santa Clara
Organization Name (eg, company) [My Company Ltd]:Your Company Name
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:www.yourcompany.com
Email Address []:admin@yourcompany.com
#--this creates the following Test certificate /etc/httpd/conf/ssl.crt/server.crt
# (B) Create SSL certificate request to send to CA #--change directory and create cert request. If you have chosen the password option above, you will be asked for it.
cd /usr/share/ssl/certs
make certreq
#--Enter the following details (LEAVE THE LAST TWO ITEMS BLANK) Country Name (2 letter code) [GB]:US
State or Province Name (full name) [Berkshire]:California
Locality Name (eg, city) [Newbury]:Santa Clara
Organization Name (eg, company) [My Company Ltd]:Your Company Name
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:www.yourcompany.com
Email Address []:admin@yourcompany.com
A challenge password []:
An optional company name []:
#--This creates the following file. This file is the certificate request, to be sent to the CA #--Follow the instructions on the CA website to send certificate request
/etc/httpd/conf/ssl.csr/server.csr
Contact us
Sales+31 (0) 88 600 1050
sales@thawte.nl
Support
+31 (0) 88 600 1050
support@thawte.nl
