Install SSL certificate
Jump to navigation
Jump to search
A number of daemons use SSL to encrypt connections. By setting up SSL now, we can configure each daemon to use these same certificates.
mkdir /etc/ssl/certs /etc/ssl/private chmod o-r /etc/ssl/private
install CA $igned certificate
If you have a SSL certificate for this hostname, purchased from a Certificate Authority, install it:
cp /path/to/private.key /etc/ssl/private/server.key cp /path/to/certificate.crt /etc/ssl/certs/server.crt
Don't forget to append any CA chain files to the cert:
cat ca-bundle >> /etc/ssl/certs/server.crt
create a self-signed certificate
If you don't have a paid-for certificate, generate a self signed one:
openssl req -x509 -nodes -days 2190 -newkey rsa:2048 \ -keyout /etc/ssl/private/server.key -out /etc/ssl/certs/server.crt