Solved

How to create public/private key pair for web in Linux system?

Posted on 2010-11-24
8
333 Views
Last Modified: 2012-05-10
This is using SLES 11.0 server. There is a newly-build web server. Just wondering how to create the above keys to make https pages?
0
Comment
Question by:Balack
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 16

Expert Comment

by:Blaz
ID: 34204305
You can create a certificate on any machine - not neccessarily the same as you will be using it on.

You can create a certificate with openssl:
http://technocage.com/~caskey/openssl/
http://www.openssl.org/docs/HOWTO/certificates.txt
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 34205509
YAST has a built in CA - just use that :)
0
 

Author Comment

by:Balack
ID: 34205944
Then, how to use CA in YaST?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Balack
ID: 34206744
Can show in step-by-step? This is going to be use by tomcat apache.
0
 
LVL 33

Accepted Solution

by:
Dave Howe earned 500 total points
ID: 34207058
http://tinyurl.com/299ewo9 has a guide.

or you can use http://sourceforge.net/projects/xca if you want :)
0
 

Author Comment

by:Balack
ID: 34210032
It looks interesting. let's me read through and get back to you.
0
 
LVL 1

Expert Comment

by:mik0s
ID: 34212027
Generate a 1024 bit RSA private key

Execute command: “openssl genrsa -out private_key.pem 1024”

$ openssl genrsa -out private_key.pem 1024
Generating RSA private key, 1024 bit long modulus
.............................++++++
................................................................++++++
e is 65537 (0x10001)

Open in new window


Generating a public key from a private key

Execute command: "openssl rsa -pubout -in private_key.pem -out public_key.pem"

$ openssl rsa -pubout -in private_key.pem -out public_key.pem
writing RSA key

Open in new window


A new file is created, public_key.pem, with the public key.

Viewing the key elements

Execute command: "openssl rsa -text -in private_key.pem"

Connect certificate to Aapche2

<VirtualHost hostname.com:443>

        ......

        SSLEngine on
        SSLOptions +StrictRequire
        SSLCACertificateFile /etc/apache2/ssl/cert-bundle.pem
        SSLCertificateFile /etc/apache2/ssl/cert-bundle.pem
        SSLCertificateKeyFile /etc/apache2/ssl/cert-bundle.pem

        <Directory /var/www/sitename/>
                SSLRequireSSL
                ..........

Open in new window

0
 

Author Closing Comment

by:Balack
ID: 34317139
good
0

Featured Post

Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Imagine a situation that you have installed SSL (http://en.wikipedia.org/wiki/Secure_Sockets_Layer) Certificate on your Cisco ASA (Cisco Adaptive Security Appliance) firewall. Installation of SSL certificate on ASA is an another topic for which you …
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question