crt, which must reside in the
/etc/httpd/conf/ssl.crt directory, and restart your Web server:
# service httpd restart
Assuming your Web site was previously working fine, you can now view it in a secure fashion
by placing an s after the http in the Web address. So if you previously viewed your Web
site at www.acmemarina.com, you can now view it in a secure fashion by going to https://
www.acmemarina.com.
Creating Self-Signed Certificates
Generating and running a self-signed SSL certificate is much easier than having a signed certificate.
To generate a self-signed SSL certificate on a Fedora system, do the following:
1. Remove the key and certificate that currently exist:
# cd /etc/httpd/conf
# rm ssl.key/server.key ssl.crt/server.crt
2. Create your own server key:
# make genkey
3. Create the self-signed certificate by typing the following:
# make testcert
umask 77 ; \
/usr/bin/openssl req -new -key
/etc/httpd/conf/ssl.key/server.key
-x509 -days 365 -out
/etc/httpd/conf/ssl.key/server.crt
.
.
.
At this point, it is time to start adding some identifying information to the certificate. Before you
can do this, you must unlock the private key you just created. Do so by typing the password you
typed earlier. Then follow this sample procedure:
You are about to be asked to enter information that will be
incorporated into your certificate request.
Pages:
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524