'openssl'에 해당되는 글 1건

# yum install mod_ssl

[root@conoha-jp ~]# openssl genrsa -out ivps.kr.key 2048

Generating RSA private key, 2048 bit long modulus

..............................................................+++

......+++

e is 65537 (0x10001)

[root@conoha-jp ~]# openssl req -new -key ivps.kr.key -out ivps.kr.csr

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [XX]:KR

State or Province Name (full name) []:Seoul

Locality Name (eg, city) [Default City]:Seoul

Organization Name (eg, company) [Default Company Ltd]:myServer

Organizational Unit Name (eg, section) []:

Common Name (eg, your name or your server's hostname) []:ivps.kr

Email Address []:ivps@ivps.kr

Please enter the following 'extra' attributes

to be sent with your certificate request

A challenge password []:

An optional company name []:

[root@conoha-jp ~]# openssl x509 -req -days 365 -in ivps.kr.csr -signkey ivps.kr.key -out ivps.kr.crt

Signature ok

subject=/C=KR/ST=Seoul/L=Seoul/O=myServer/CN=ivps.kr/emailAddress=ivps@ivps.kr

Getting Private key

# chmod 600 ivps.kr.*

[root@conoha-jp ~]# cp ivps.kr.* /etc/httpd/conf.d/

[root@conoha-jp ~]# vi /etc/httpd/conf.d/ivps.kr.conf

<VirtualHost ivps.kr:443>

    SSLEngine On

    SSLCertificateFile /etc/httpd/conf.d/ivps.kr.crt

    SSLCertificateKeyFile /etc/httpd/conf.d/ivps.kr.key

    ServerName ivps.kr

    DocumentRoot /var/www/html

    ErrorLog logs/ivps.kr_error_log

    CustomLog logs/ivps.kr_access_log common

</VirtualHost>

# systemctl restart httpd