Skip to main content

SSL Web Server

Generate Certificates

Method 1: 不需要 CA 的憑證

mkdir /etc/apache2/certs
cd /etc/apache2/certs
openssl genrsa -out myhomepbx.key 2048
openssl req -new -key myhomepbx.key -out myhomepbx.csr
openssl x509 -req -days 3650 -in myhomepbx.csr -signkey myhomepbx.key -out myhomepbx.crt

Method 2: 需要 CA 的憑證

# generate CA
cd /etc/ssl/homepbx-certs
openssl req -new -x509 -extensions v3_ca -keyout ca.key -out ca.crt -days 3650 

# generate Server certificates
cp /etc/ssl/openssl.conf ./
openssl -config openssl.homepbx.cnf genrsa -out myhomepbx.server.key 2048
openssl req -config openssl.homepbx.cnf -new -key myhomepbx.server.key -out myhomepbx.server.csr
openssl x509 -req -config openssl.homepbx.cnf -days 3650 -in myhomepbx.server.csr -signkey myhomepbx.server.key -out myhomepbx.server.crt

 

Apache Setup

 

Back to top