Change-certificates-used-by-apache
Change certificates used by apache
Author: tor
If you want to change the certificates used by apache, the ones pointed out in the with SSLCertificateFile and SSLCertificateKeyFile in the config files. You can do as follow.
openssl req -new -x509 -nodes -out my_cert.pem -keyout my_privkey.pem
And answer the questions, as belo
If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:SE State or Province Name (full name) [Some-State]:My State Locality Name (eg, city) []:. Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Company Organizational Unit Name (eg, section) []:Web Common Name (eg, YOUR name) []:app1.my.dyndns.com Email Address []:info@app1.my.dyndns.com
This will generate the two files:
my_cert.pem - the certificate my_privkey.pem - the private key used
Update your apache config entries SSLCertificateFile and SSLCertificateKeyFile to point to these new files or replace the old files. Then reload apache.
/etc/init.d/apache2 reload
An important note here. You can only have one certificate usable at a given time (Per IP number and port at least). So this must be the same as used in the main config, /etc/apache2/sites-available/bubba, if not bubbas original certificate will be used. If you want your certificate to be valid longer than 30 days use the -days <number of days> option:
openssl req -new -x509 -nodes -out my_cert.pem -keyout my_privkey.pem -days 1000