Created
August 6, 2014 01:19
-
-
Save Tantas/53b61050856fc24105a7 to your computer and use it in GitHub Desktop.
Create a self signed SSL cert and install
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Create a self signed SSL cert and install | |
| # Generate a private key | |
| openssl genrsa -des3 -out server.key 1024 | |
| # Generate a CSR (Certificate Signing Request) | |
| openssl req -new -key server.key -out server.csr | |
| # Remove passphrase from key | |
| cp server.key server.key.org | |
| openssl rsa -in server.key.org -out server.key | |
| # Generate a self-signed certificate | |
| openssl x509 -req -days 10000 -in server.csr -signkey server.key -out server.crt | |
| # Only root can read | |
| # Install the keys to apache directory | |
| cp server.crt /usr/local/apache/conf/ssl.crt | |
| cp server.key /usr/local/apache/conf/ssl.key | |
| # Configure the vhost to use the cert | |
| echo "Place the following into your vhost:" | |
| echo "SSLEngine on" | |
| echo "SSLCertificateFile /usr/local/apache/conf/ssl.crt" | |
| echo "SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key" | |
| echo SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown | |
| echo "CustomLog logs/ssl_request_log \" | |
| echo " %t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b | |
| # Restart apache | |
| echo | |
| echo "and restart Apache..." | |
| echo "sudo apachectl -k restart" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment