Configure HTTPS in RHEL4

Source: Internet
Author: User
Tags openssl rsa openssl x509
For simplicity and clarity, first install the Apache server using the RPM package.

# Cd/MISC/CD/RedHat/RPMS // enter the CD package storage directory
# Rpm-IVH rpmdb-redhat-4-0.20070421.i386.rpm // The purpose of installing this package is to facilitate dependency on some programs
# Rpm-IVH -- aid httpd-2.0.52-32.ent.i386.rpm // Add -- aid automatically resolves the package dependency, so the rpmdb package has been installed before
# Rpm-IVH mod_ssl-2.0.52-32.ent.i386.rpm // The purpose of installing this package is to achieve https
# Echo 'This is my first page! '>/Var/www/html/index.html // create a default home page and put it in the default home directory defined by Apache
# Service httpd start // start the server

Enter https: // server IP address in the browser to install the certificate to implement secure HTTP.

But at this time, the certificate is automatically generated by mod_ssl, and the information is not what we want! Therefore, you can use the following method to create your own certificate.

# Cd/etc/httpd/conf // enter the Apache configuration file storage directory
# Rm-f ssl. */server. * // Delete the certificate and signature file automatically installed by mod_ssl.
# OpenSSL genrsa-des3 1024> SSL. Key/server. Key // generate a private key file. The file requires a password.
# OpenSSL RSA-in SSL. Key/server. Key-out SSL. Key/server. Key // if you do not want to use the password, you must enter the password set during generation.

# OpenSSL req-New-key SSL. Key/server. Key-out SSL. CSR/server. CSR // generate a Certificate Signature request file (Certificate Signing Request)
You are about to be asked to enter information that will be ininitialized
Into your certificate request.
What you are about to enter is what is called a distinguished name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country name (2 letter code) [GB]: ch // enter the country name
State or province name (full name) [Berkshire]: Beijing // province name
Locality name (eg, city) [Newbury]: Beijing // City
Organization Name (eg, company) [My Company Ltd]: xhce // Organization Name
Organizational unit name (eg, section) []: bjxh // unit name
Common name (eg, your name or your server's hostname) // enter
Email Address []: weisheng213@126.com // mailbox
Please enter the following 'extra 'attributes
To be sent with your certificate request
A challenge password []: // query password, which can be left blank
An optional company name []: // you can leave it empty.

# OpenSSL X509-in SSL. CSR/server. CSR-out SSL. CRT/server. CRT-req-signkey SSL. key/server. key-days 365 // enable the server to act as the certificate signature server. In Security E-commerce, you must apply to a third-party business organization.
Signature OK
Subject =/C = CH/ST = Beijing/L = Beijing/o = xhce/ou = bjxh/CN =
Getting Private Key

# Vi ../CONF. d/SSL. conf // edit the main configuration file of mod_ssl
# Remove the # Above DocumentRoot "/var/www/html"

# Service httpd restart // restart the Apache server to read the new certificate information

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.