![]() ![]() If so, complete this step after step 2 ( Generating the CSR): cp server. ![]() If you think you will be shutting the server down a lot, you may want to remove the passphrase from the key so you can avoid entering it each time. (replace path appropriately with the path to your certificate and key)Īpache will ask you for the passphrase to your key. SSLCertificateKeyFile /path/to/generated/server.key SSLCertificateFile /path/to/generated/server.crt Generating the self signed certificate: openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crtĬonfiguring SSL in nf for Apache: SSLEngine on It's fairly straightforward, the common name is your server's hostname as it says in brackets. Please enter the following 'extra' attributes Organizational Unit Name (eg, section) :Ĭommon Name (eg, your name or your server's hostname) : In order to do this, please find the CA bundle that was received along with your issued certificate. file you received to the keychain so the certificate can be trusted and signed by the Certificate Authority, Comodo CA (now Sectigo CA) in this case. It will request details like this: Country Name (2 letter code) : How to install an SSL certificate on Mac OS servers. Generating the CSR (certificate signing request): openssl req -new -key server.key -out server.csr Verifying password - Enter PEM pass phrase: Output: Generating RSA private key, 1024 bit long modulus Generating the private key: openssl genrsa -des3 -out server.key 1024 You can generate one with the OpenSSL kit like so: For local development testing a self-signed certificate is adequate.
0 Comments
Leave a Reply. |