OpenSSL Generating a Private Key: Difference between revisions
Jump to navigation
Jump to search
(Created page with "== Generate the Private Key File == === Apache with mod_ssl Enabled === # Generate the private key using openssl. ## <tt>'''# openssl genrsa -des3 -out <name>.key 1024'''</tt>...") |
No edit summary |
||
Line 2: | Line 2: | ||
=== Apache with mod_ssl Enabled === | === Apache with mod_ssl Enabled === | ||
# Generate the private key using openssl. | # Generate the private key using openssl. | ||
## <tt>'''# openssl genrsa -des3 -out <name>.key 1024'''</tt> | ## <tt>'''# openssl genrsa -des3 -out <name>_passphrase.key 1024'''</tt> | ||
## Enter a pass phrase for the key. | |||
# Create a copy of the key with no pass phrase. | |||
## <tt>'''# cp <name>_passphrase.key <name>_nopassphrase.key'''</tt> | |||
## <tt>'''# openssl rsa -in <name>_nopassphrase.key -out <name>.key'''</tt> | |||
# Verify the checksum of the key, this will be used to verify the CSR and the self signed certificate. | # Verify the checksum of the key, this will be used to verify the CSR and the self signed certificate. | ||
## <tt>'''# openssl rsa -noout -modulus -in < | ## <tt>'''# openssl rsa -noout -modulus -in <name>.key | openssl md5'''</tt> | ||
# At this point, create a backup of the <name>_passphrase.key and <name>.key on separate media. | |||
# For use in Apache, use the SSL key with no pass phrase to generate any CSRs. | |||
== Further Reading == | == Further Reading == |
Revision as of 17:52, 12 February 2013
Generate the Private Key File
Apache with mod_ssl Enabled
- Generate the private key using openssl.
- # openssl genrsa -des3 -out <name>_passphrase.key 1024
- Enter a pass phrase for the key.
- Create a copy of the key with no pass phrase.
- # cp <name>_passphrase.key <name>_nopassphrase.key
- # openssl rsa -in <name>_nopassphrase.key -out <name>.key
- Verify the checksum of the key, this will be used to verify the CSR and the self signed certificate.
- # openssl rsa -noout -modulus -in <name>.key | openssl md5
- At this point, create a backup of the <name>_passphrase.key and <name>.key on separate media.
- For use in Apache, use the SSL key with no pass phrase to generate any CSRs.