Electronic Books

conf??”Web server configuration file
 Makefile??”Certificate building script
 ssl.crl??”Certificate revocation list directory
 ssl.crt??”SSL certificate directory
239
Securing Linux 6
 ssl.csr??”Certificate service request directory
 ssl.key??”SSL certificate private key directory
 ssl.prm??”SSL certificate parameters
 ssl.conf??”Primary Web server SSL configuration file
Now that you??™re familiar with the basic components, take a look at the tools used to create SSL
certificates:
# cd /etc/httpd/conf
# make
This makefile allows you to create:
o public/private key pairs
o SSL certificate signing requests (CSRs)
o self-signed SSL test certificates
To create a key pair, run ???make SOMETHING.key???.
To create a CSR, run ???make SOMETHING.csr???.
To create a test certificate, run ???make SOMETHING.crt???.
To create a key and a test certificate in one file, run ???make SOMETHING.pem???.
To create a key for use with Apache, run ???make genkey???.
To create a CSR for use with Apache, run ???make certreq???.
To create a test certificate for use with Apache, run ???make testcert???.
Examples:
make server.key
make server.csr
make server.crt
make stunnel.pem
make genkey
make certreq
make testcert
The make command utilizes the makefile to create SSL certificates.


Pages:
492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516