« Web hosting account - Chapter 23 . Running a Linux, Apache, MySQL,
Shared web hosting - Chapter 23 . Running a Linux, Apache, MySQL, »

614 Part V . (Web site optimization) Running Servers The following

614 Part V . Running Servers The following procedure describes how to generate and use SSL keys with the LAMP server (running on a Debian GNU/Linux system) configured in this chapter. For a general discussion of SSL keys and procedures specific to Fedora and other Red Hat Linux systems, refer to Chapter 6. Generating Your Keys To begin setting up SSL, use the openssl command, which is part of the OpenSSL package, to generate your public and private key: 1. Use APT to verify that OpenSSL is installed. If it is not present, APT will download and install it automatically: # apt-get install openssl 2. Generate a 1024-bit RSA private key and save it to a file: # cd /etc/apache/ssl.key/ # openssl genrsa -out server.key 1024 # chmod 600 server.key You can use a filename other than server.key and should do so if you plan to have more than one SSL host on your machine (which requires more than one IP address). Just make sure you specify the correct filename in the Apache configuration later. In higher-security environments, it is a good idea to encrypt the key by adding the -des3 argument after the genrsa argument on the openssl command line: # openssl genrsa -des3 -out server.key 1024 3. You are asked for a passphrase, which will be needed every time you start Apache. Do not lose this passphrase because it cannot be easily recovered. 4. If you plan to have your certificate signed by a CA (including one that you run yourself), generate a public key and a certificate signing request (CSR): # cd ../ssl.csr/ # openssl req -new -key ../ssl.key/server.key -out server.csr Country Name (2 letter code) [AU]:US State or Province Name (full name) [Some-State]:Washington Locality Name (eg, city) []:Bellingham Organization Name (eg, company) [Internet Widgits Pty Ltd]:Example Company, LTD. Organizational Unit Name (eg, section) []:Network Operations Common Name (eg, YOUR name) []:secure.example.org Email Address []:dom@example.org Please enter the following extra attributes to be sent with your certificate request A challenge password []: An optional company name []: Note
From our experience, we can recommend PHP Web Hosting services, if you need affordable webhost to host and run your web application.

This entry was posted on Monday, August 13th, 2007 at 2:15 pm and is filed under Linux. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply