Install SSL certificate

From The Network People, Inc. - Wiki
Jump to navigation Jump to search

A number of daemons use SSL to encrypt connections. By setting up SSL now, we can configure each daemon to use these same certificates.

mkdir /etc/ssl/certs /etc/ssl/private
chmod o-r /etc/ssl/private


install CA $igned certificate

If you have a SSL certificate for this hostname, purchased from a Certificate Authority, install it:

cp /path/to/private.key /etc/ssl/private/server.key
cp /path/to/certificate.crt /etc/ssl/certs/server.crt

Don't forget to append any CA chain files to the cert:

cat ca-bundle >> /etc/ssl/certs/server.crt


create a self-signed certificate

If you don't have a paid-for certificate, generate a self signed one:

openssl req -x509 -nodes -days 2190 -newkey rsa:2048 \
   -keyout /etc/ssl/private/server.key -out /etc/ssl/certs/server.crt