Solved

How to create public/private key pair for web in Linux system?

Posted on 2010-11-24
8
326 Views
Last Modified: 2012-05-10
This is using SLES 11.0 server. There is a newly-build web server. Just wondering how to create the above keys to make https pages?
0
Comment
Question by:Balack
8 Comments
 
LVL 16

Expert Comment

by:Blaz
ID: 34204305
You can create a certificate on any machine - not neccessarily the same as you will be using it on.

You can create a certificate with openssl:
http://technocage.com/~caskey/openssl/
http://www.openssl.org/docs/HOWTO/certificates.txt
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 34205509
YAST has a built in CA - just use that :)
0
 

Author Comment

by:Balack
ID: 34205944
Then, how to use CA in YaST?
0
 

Author Comment

by:Balack
ID: 34206744
Can show in step-by-step? This is going to be use by tomcat apache.
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 33

Accepted Solution

by:
Dave Howe earned 500 total points
ID: 34207058
http://tinyurl.com/299ewo9 has a guide.

or you can use http://sourceforge.net/projects/xca if you want :)
0
 

Author Comment

by:Balack
ID: 34210032
It looks interesting. let's me read through and get back to you.
0
 
LVL 1

Expert Comment

by:mik0s
ID: 34212027
Generate a 1024 bit RSA private key

Execute command: “openssl genrsa -out private_key.pem 1024”

$ openssl genrsa -out private_key.pem 1024
Generating RSA private key, 1024 bit long modulus
.............................++++++
................................................................++++++
e is 65537 (0x10001)

Open in new window


Generating a public key from a private key

Execute command: "openssl rsa -pubout -in private_key.pem -out public_key.pem"

$ openssl rsa -pubout -in private_key.pem -out public_key.pem
writing RSA key

Open in new window


A new file is created, public_key.pem, with the public key.

Viewing the key elements

Execute command: "openssl rsa -text -in private_key.pem"

Connect certificate to Aapche2

<VirtualHost hostname.com:443>

        ......

        SSLEngine on
        SSLOptions +StrictRequire
        SSLCACertificateFile /etc/apache2/ssl/cert-bundle.pem
        SSLCertificateFile /etc/apache2/ssl/cert-bundle.pem
        SSLCertificateKeyFile /etc/apache2/ssl/cert-bundle.pem

        <Directory /var/www/sitename/>
                SSLRequireSSL
                ..........

Open in new window

0
 

Author Closing Comment

by:Balack
ID: 34317139
good
0

Featured Post

Save on storage to protect fatherhood memories

You're the dad who has everything. This Father's Day, make sure your family memories are protected. My Passport Ultra has automatic backup and password protection to keep your cherished photos and videos safe. With up to 3TB, you have plenty of room to hold the adventures ahead.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

So you need a certificate so you can offer SSL encryption.  But which one should you get?  There are so many choices out there! Here is a generic overview of the main types of SSL certificates sold by the majority of commercial Certification Auth…
I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now