OpenSSL Generating a Private Key: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| (6 intermediate revisions by the same user not shown) | |||
| Line 3: | Line 3: | ||
# Generate the private key using openssl. | # Generate the private key using openssl. | ||
## To Generate a private key with a pass phrase. | ## To Generate a private key with a pass phrase. | ||
### <tt>'''# openssl genrsa -des3 -out <key_name>_passphrase.key | ### <tt>'''# openssl genrsa -des3 -out <key_name>_passphrase.key 2048'''</tt> | ||
### Enter a pass phrase for the key. | ### Enter a pass phrase for the key. | ||
### Create a copy of the key with no pass phrase. | ### Create a copy of the key with no pass phrase. | ||
| Line 10: | Line 10: | ||
### Verify the checksum of the key, this will be used to verify the CSR and the self signed certificate. | ### Verify the checksum of the key, this will be used to verify the CSR and the self signed certificate. | ||
#### <tt>'''# openssl rsa -noout -modulus -in <key_name>.key | openssl md5'''</tt> | #### <tt>'''# openssl rsa -noout -modulus -in <key_name>.key | openssl md5'''</tt> | ||
## To Generate a private key without a pass phrase | ## To Generate a private key without a pass phrase. | ||
### <tt>'''# openssl genrsa -out | ### <tt>'''# openssl genrsa -out <key_name>_nopassphrase.key 2048'''</tt> | ||
# Verify the checksum of the key, this will be used to verify the CSR and the self signed certificate. | # Verify the checksum of the key, this will be used to verify the CSR and the self signed certificate. | ||
## <tt>'''# openssl rsa -noout -modulus -in <key_name>.key | openssl md5'''</tt> | ## <tt>'''# openssl rsa -noout -modulus -in <key_name>.key | openssl md5'''</tt> | ||
# At this point, create a backup of the | # At this point, create a backup of all of the keys on separate media. | ||
# For use in Apache, use the SSL key with no pass phrase to generate any CSRs. | # For use in Apache, use the SSL key with no pass phrase to generate any CSRs. | ||
| Line 23: | Line 20: | ||
# [http://www.thegeekstuff.com/2009/07/linux-apache-mod-ssl-generate-key-csr-crt-file/ How to Generate SSL key, CSR, and Self Signed Certificate for Apache] | # [http://www.thegeekstuff.com/2009/07/linux-apache-mod-ssl-generate-key-csr-crt-file/ How to Generate SSL key, CSR, and Self Signed Certificate for Apache] | ||
[[Category:Software]] | |||
[[Category:SSL]] | [[Category:SSL]] | ||
Latest revision as of 19:21, 12 November 2020
Generate the Private Key File
Apache with mod_ssl Enabled
- Generate the private key using openssl.
- To Generate a private key with a pass phrase.
- # openssl genrsa -des3 -out <key_name>_passphrase.key 2048
- Enter a pass phrase for the key.
- Create a copy of the key with no pass phrase.
- # cp <key_name>_passphrase.key <key_name>_nopassphrase.key
- # openssl rsa -in <key_name>_nopassphrase.key -out <key_name>.key
- Verify the checksum of the key, this will be used to verify the CSR and the self signed certificate.
- # openssl rsa -noout -modulus -in <key_name>.key | openssl md5
- To Generate a private key without a pass phrase.
- # openssl genrsa -out <key_name>_nopassphrase.key 2048
- To Generate a private key with a pass phrase.
- Verify the checksum of the key, this will be used to verify the CSR and the self signed certificate.
- # openssl rsa -noout -modulus -in <key_name>.key | openssl md5
- At this point, create a backup of all of the keys on separate media.
- For use in Apache, use the SSL key with no pass phrase to generate any CSRs.