OpenSSL Generating a Private Key

From UNIX Systems Administration
Revision as of 17:52, 12 February 2013 by Michael Kohler (talk | contribs)
Jump to navigation Jump to search

Generate the Private Key File

Apache with mod_ssl Enabled

  1. Generate the private key using openssl.
    1. # openssl genrsa -des3 -out <name>_passphrase.key 1024
    2. Enter a pass phrase for the key.
  2. Create a copy of the key with no pass phrase.
    1. # cp <name>_passphrase.key <name>_nopassphrase.key
    2. # openssl rsa -in <name>_nopassphrase.key -out <name>.key
  3. Verify the checksum of the key, this will be used to verify the CSR and the self signed certificate.
    1. # openssl rsa -noout -modulus -in <name>.key | openssl md5
  4. At this point, create a backup of the <name>_passphrase.key and <name>.key on separate media.
  5. For use in Apache, use the SSL key with no pass phrase to generate any CSRs.

Further Reading

  1. How to Generate SSL key, CSR, and Self Signed Certificate for Apache
Retrieved from "http://www.outlandsmud.com/wiki/index.php?title=OpenSSL_Generating_a_Private_Key&oldid=354"