Generate OpenSSL certificate requests for Apache

From Tech-Wiki
Jump to: navigation, search

Method 1

Generate the private key

# openssl genrsa -aes256 -out server.key 2048

Adjust the key to avoid asking for password on Apache startup:

# openssl rsa -in server.key -out server.key 

Generate the Certificate Request based on this previous request using provided key:

# openssl req -new -sha256 -key server.key -out server.csr 

If you are working in a test environment, you can create Self-Signed certificates (non-valid)

# openssl req -new -sha256 -x509 -days 1825 -key server.key -out server.crt 


Method 2

Generate CSR - Certificate Request and private key at once:

# openssl req -nodes -newkey rsa:2048 -keyout server.key -out server.csr

If you are working in a test environment, you can create Self-Signed certificates (non-valid):

# openssl x509 -req -days 1825 -in server.csr -signkey server.key -out server.crt