Website hosting and cheap domain registration services
  

 Home
Red Hat Linux 7.1: The Official Red Hat Linux Reference Guide
PrevChapter 13. Using Apache as a Secure Web ServerNext

Creating a Self-Signed Certificate

You can create your own self-signed certificate. Please note that a self-signed certificate will not provide the security guarantees provided by a CA-signed certificate. See the section called Types of Certificates for more details about certificates.

If you would like to make your own self-signed certificate, you will first need to create a random key using the instructions provided in the section called Generating a Key. Once you have a key, use the following command: 

make testcert

You will see the following output and you will be prompted for your password (unless you generated a key without a password): 

umask 77 ; \
/usr/bin/openssl req -new -key /etc/httpd/conf/ssl.key/server.key 
-x509 -days 365 -out /etc/httpd/conf/ssl.crt/server.crt
Using configuration from /usr/share/ssl/openssl.cnf
Enter PEM pass phrase:

After you enter your password (or without a prompt if you created a key without a password), you will be asked for more information. The computer's output and a set of inputs looks like the following (you will need to provide the correct information for your organization and host): 

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a
DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US      
State or Province Name (full name) [Some-State]:North Carolina
Locality Name (eg, city) []:Durham
Organization Name (eg, company) [Internet Widgits]:My Company, Inc.
Organizational Unit Name (eg, section) []:Documentation
Common Name (your name or server's hostname) []:myhost.mydomain.com
Email Address []:myemail@mydomain.com

After you provide the correct information, a self-signed certificate will be created and placed in /etc/httpd/conf/ssl.crt/server.crt. You will need to restart your secure server after generating the certificate. See the section called Starting and Stopping httpd in Chapter 14 for instructions on restarting your secure Web server.

PrevHomeNext
Generating a Certificate Request to Send to a CAUpTesting Your Certificate

 

  

Network sites:

Active-Domain.com offers cheap domain registration, domain name transfer and domain search services  
 
Cheap domain registrar : cheap domain name registration and domain transfer 
 
 
 

Disclaimer: For authoritative source or latest update to this documentation, please refer to http://www.redhat.com/docs/manuals/linux/