Creating a Self-Signed Certificate

Previous page
Table of content
Next page


You can create your own self-signed certificate. Note that a self-signed certificate will not provide the security guarantees provided by a CA-signed certificate. See the section “Types of Certificates” for more details about certificates.

If you would like to make your own self-signed certificate, you will first need to create a random key using the instructions provided in the “Generating a Key” section. Once you have a key, make sure you are in the /usr/share/ssl/certs directory and type the following command:

make testcert

You will see the following output and you will be prompted for your password (unless you generated a key without a password):

umask 77 ; \ /usr/bin/openssl req -new -key /etc/httpd/conf/ssl.key/server.key -x509 -days 365 -out /etc/httpd/conf/ssl.crt/server.crt Using configuration from /usr/share/ssl/openssl.cnf Enter PEM pass phrase:

After you enter your password (if you created a key without a password, no prompt will be given), you will be asked for more information. The computer’s output and a set of inputs will look like the following (you will need to provide the correct information for your organization and host):

You are about to be asked to enter information that will be incorporated into your certificate  request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few  fields but you can leave some blank  For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [GB]:US State or Province Name (full name) [Berkshire]:North Carolina Locality Name (eg, city) [Newbury]:Raleigh Organization Name (eg, company) [My Company Ltd]:My Company, Inc. Organizational Unit Name (eg, section) []:Documentation Common Name (your name or server's hostname) []:myhost.example.com Email Address []:myemail@example.com

After you provide the correct information, a self-signed certificate will be created in /etc/httpd/conf/ssl.crt/server.crt. You will need to restart your secure server with the following command after generating the certificate:

/sbin/service httpd restart


Previous page
Table of content
Next page
Official Red Hat Linux Administrator's Guide
Official Red Hat Linux Administrators Guide
ISBN: 0764516957
EAN: 2147483647
Year: 2002
Pages: 278
Authors: Red Hat Inc
BUY ON AMAZON
Kanban Made Simple: Demystifying and Applying Toyotas Legendary Manufacturing Process
Cisco IOS in a Nutshell (In a Nutshell (OReilly))
Postfix: The Definitive Guide
PostgreSQL(c) The comprehensive guide to building, programming, and administering PostgreSQL databases
After Effects and Photoshop: Animation and Production Effects for DV and Film, Second Edition
What is Lean Six Sigma
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy