Difference between revisions of "Change-certificates-used-by-apache"

Latest revision as of 11:04, 7 October 2010

Change certificates used by apache
Author: tor

If you want to change the certificates used by apache, the ones pointed out in the with SSLCertificateFile and SSLCertificateKeyFile in the config files. You can do as follow.

openssl req -new -x509 -nodes -out my_cert.pem -keyout my_privkey.pem

And answer the questions, for example:

If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:SE
State or Province Name (full name) [Some-State]:My State
Locality Name (eg, city) []:.
Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Company
Organizational Unit Name (eg, section) []:Web
Common Name (eg, YOUR name) []:app1.my.dyndns.com
Email Address []:info@app1.my.dyndns.com

This will generate the two files:

my_cert.pem - the certificate
my_privkey.pem - the private key used

Update your apache config entries SSLCertificateFile and SSLCertificateKeyFile to point to these new files or replace the old files. Then reload apache.

/etc/init.d/apache2 reload

An important note here. You can only have one certificate usable at a given time (Per IP number and port at least). So this must be the same as used in the main config, /etc/apache2/sites-available/bubba, if not bubbas original certificate will be used. If you want your certificate to be valid longer than 30 days use the -days <number of days> option:

openssl req -new -x509 -nodes -out my_cert.pem -keyout my_privkey.pem -days 1000

@@ Line 1: / Line 1: @@
 Change certificates used by apache<br>Author: tor<br><br>If you want to change the certificates used by apache, the ones pointed out in the with SSLCertificateFile and SSLCertificateKeyFile in the config files. You can do as follow.
 <pre>openssl req -new -x509 -nodes -out my_cert.pem -keyout my_privkey.pem</pre>
+And answer the questions, for example:<br>
-And answer the questions, as belo<br>
 <pre>If you enter '.', the field will be left blank.
 -----
@@ Line 12: / Line 10: @@
 Organizational Unit Name (eg, section) []:Web
 Common Name (eg, YOUR name) []:app1.my.dyndns.com
 Email Address []:info@app1.my.dyndns.com</pre>
 This will generate the two files:
 <pre>my_cert.pem - the certificate
 my_privkey.pem - the private key used</pre>
 Update your apache config entries SSLCertificateFile and SSLCertificateKeyFile to point to these new files or replace the old files. Then reload apache.
 <pre>/etc/init.d/apache2 reload</pre>
+<br> An important note here. You can only have one certificate usable at a given time (Per IP number and port at least). So this must be the same as used in the main config, /etc/apache2/sites-available/bubba, if not bubbas original certificate will be used. If you want your certificate to be valid longer than 30 days use the -days &lt;number of days&gt; option:<br>
-An important note here. You can only have one certificate usable at a given time (Per IP number and port at least). So this must be the same as used in the main config, /etc/apache2/sites-available/bubba, if not bubbas original certificate will be used. If you want your certificate to be valid longer than 30 days use the -days &lt;number of days&gt; option:<br>
 <pre>openssl req -new -x509 -nodes -out my_cert.pem -keyout my_privkey.pem -days 1000
 </pre>

Difference between revisions of "Change-certificates-used-by-apache"

Latest revision as of 11:04, 7 October 2010

Navigation menu

Search