You want to generate certificates to use on your SSL server.
Use the openssl command-line program that comes with OpenSSL:
openssl genrsa -out hostname.key 1024%
openssl req -new -key hostname.key -out hostname.csr
At this point, you can either send your Certificate Signing Request (CSR) off to one of the certificate authority companies, such as Thawte or Entrust, for them to sign, or, if you prefer, you can sign the key yourself:
openssl x509 -req -days 365 -in hostname.csr -signkey hostname.key -out hostname.crt
Then move these files to your Apache server's configuration directory, such as /www/conf/, and then add the following lines in your httpd.conf configuration file:
SSLCertificateFile /www/conf/hostname.crt SSLCertificateKeyFile /www/conf/hostname.key
The SSL certificate is a central part of the SSL conversation and is required before you can run a secure server. Thus, generating the certificate is a necessary first step to configuring your secure server.
Generating the key is a multistep process, but it is fairly simple.
In the first step, we generate the private key. SSL is a private/public key encryption system, with the private key residing on the server and the public key going out with each connection to the server and encrypting data sent back to the server.
The first argument passed to the openssl program tells openssl that we want to generate an RSA key (genrsa), which is an encryption ...