>Using SSL Certificate in your web site

By | November 17, 2009

>1) Generate a key:

$ openssl genrsa -out www.example.com-key 2048
Generating RSA private key, 2048 bit long modulus

2) Generate a Certificate Sigining Request (CSR):

$ openssl req -new -key www.example.com-key -out
www.example.com-csr
You are about to be asked to enter information that will be
incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished
Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [GB]:
State or Province Name (full name) [Berkshire]:Greater London
Locality Name (eg, city) [Newbury]:London
Organization Name (eg, company) [My Company Ltd]:Acme Websites
Ltd.
Organizational Unit Name (eg, section) []: <Leave blank>
Common Name (eg, your name or your server’s hostname)
[]:www.example.com
Email Address []: <Leave blank>

Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []: <Leave blank>
An optional company name []: <Leave blank>

3) Buy a certificate:

You can buy certificate from verisign, or thwate or such CA. What you need to do is goto website of these Certificate Authority and submit your csr file.

4) Setup an SSL Vhost:

<VirtualHost 0.0.0.0:443>
ServerName “www.example.com
SSLEngine on
SSLCertificateFile “/etc/httpd/conf/ssl/www.example.com-cert”
SSLCertificateKeyFile “/etc/httpd/conf/ssl/www.example.com-key”

</VirtualHost>

Share itShare on FacebookEmail this to someoneTweet about this on TwitterShare on Google+Share on LinkedInPrint this page

2 thoughts on “>Using SSL Certificate in your web site

  1. Jamie

    >Vishesh, I command you on your tips for generating a csr.file, but if you're a smaller organisation and site, which is predominantly the case, there are some economically viable alternatives to the larger fees charged by the likes of Verisign and Thawte, in the form of Free SSL Certificates. Although granted online users and customers will not recognise and respond to these compared to Verisign, which currently is used by the worlds top 40 banks, it is still a mentionable alternative.

    Reply
  2. Mukesh

    >Why here
    SSL Rngine on——what its role
    and what the the process ti redirect all page http to https
    Plz reply

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Current month ye@r day *