OpenSSL Generating a Private Key: Difference between revisions

Revision as of 17:52, 12 February 2013

Generate the private key using openssl.
1. # openssl genrsa -des3 -out <name>_passphrase.key 1024
2. Enter a pass phrase for the key.
Create a copy of the key with no pass phrase.
1. # cp <name>_passphrase.key <name>_nopassphrase.key
2. # openssl rsa -in <name>_nopassphrase.key -out <name>.key
Verify the checksum of the key, this will be used to verify the CSR and the self signed certificate.
1. # openssl rsa -noout -modulus -in <name>.key | openssl md5
At this point, create a backup of the <name>_passphrase.key and <name>.key on separate media.
For use in Apache, use the SSL key with no pass phrase to generate any CSRs.

@@ Line 2: / Line 2: @@
 === Apache with mod_ssl Enabled ===
 # Generate the private key using openssl.
-## <tt>'''# openssl genrsa -des3 -out <name>.key 1024'''</tt>
+## <tt>'''# openssl genrsa -des3 -out <name>_passphrase.key 1024'''</tt>
+## Enter a pass phrase for the key.
+# Create a copy of the key with no pass phrase.
+## <tt>'''# cp <name>_passphrase.key <name>_nopassphrase.key'''</tt>
+## <tt>'''# openssl rsa -in <name>_nopassphrase.key -out <name>.key'''</tt>
 # Verify the checksum of the key, this will be used to verify the CSR and the self signed certificate.
-## <tt>'''# openssl rsa -noout -modulus -in <privatekey.key> | openssl md5'''</tt>
+## <tt>'''# openssl rsa -noout -modulus -in <name>.key | openssl md5'''</tt>
+# At this point, create a backup of the <name>_passphrase.key and <name>.key on separate media.
+# For use in Apache, use the SSL key with no pass phrase to generate any CSRs.
 == Further Reading ==