2008/03/26(水)openssl設定

apache2でのopensslを使ったSSL設定

ぶっちゃけ理解せずにググっていたものを適用しただけ...
>openssl genrsa -out /etc/apache2/ssl/ssl.key/server.key 1024
>openssl req -new -days 1461 -key /etc/apache2/ssl/ssl.key/server.key -out /etc/apache2/ssl/ssl.crt/server.csr

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [AU]:JP
State or Province Name (full name) [Some-State]:Hyogo
Locality Name (eg, city) []:Amagasaki
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Ujita Ele.
Organizational Unit Name (eg, section) []:develop
Common Name (eg, YOUR name) []:www.nenki.dyndns.org
Email Address []:yuichi@mail.ujiya-denshi.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

>openssl x509 -in /etc/apache2/ssl/ssl.crt/server.csr -out /etc/apache2/ssl/ssl.crt/server.crt -req -signkey /etc/apache2/ssl/ssl.key/server.key -days 1461
Signature ok
subject=/C=JP/ST=Hyogo/L=Amagasaki/O=Ujita Ele./OU=develop/CN=Yuichi/emailAddress=yuichi@mail.ujiya-denshi.com
Getting Private key