OpenSSL CSR Creation for Apache SSL

How to generate a CSR for Apache using OpenSSL
Recommended: Save yourself some time by using our new OpenSSL CSR Wizard to create your apache ssl csr. Just fill in the details, click Generate, and paste your customized openssl command into your terminal.
If you will be using Apache for Mac OS X server 10.5, see our Mac OS X CSR instructions.


Of course if you prefer to build your own shell commands to generate your apache csr, just follow our old instructions below:
1.      Login to your server via your terminal client (ssh). At the prompt, type:

# openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr

Generate with SHA-2
# openssl req -new -newkey rsa:2048 -nodes -sha256 -out server.csr -keyout server.key

where server is the name of your server.
Country Name (2 letter code) [GB]:VN
State or Province Name (full name) [Berkshire]:VietNam
Locality Name (eg, city) [Newbury]:VietNam
Organization Name (eg, company) [My Company Ltd]:VietNam Post Limited
Organizational Unit Name (eg, section) []:VietNam  Post Limited
Common Name (eg, your name or your server's hostname) []:www.vnpost.vn
Email Address []:pdelete@vnpost.vn
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:





2.      This
begins the process of generating two files: the Private-Key file for the
decryption of your SSL Certificate, and a certificate signing request (CSR)
file (used to apply for your SSL Certificate) with apache openssl. 



When you are prompted for the Common Name
(domain name), enter the fully qualified domain name for the site you are
securing. If you are generating an Apache CSR for a Wildcard SSL
Certificate your common name should start with an asterisk (such as
*.example.com). 



You will then be prompted for your organizational
information, beginning with geographic information. There may be default
information set already. 



This will then create your openssl .csr file. 



3.      Open
the CSR file with a text editor and copy and paste it (including the BEGIN and
END tags) into the DigiCert Certificate order form. 



4.      Save
(backup) the generated .key file as it will be required later for Certificate
installation. 



Note: Decode CSR at: http://certlogik.com/decoder/

https://ssltools.websecurity.symantec.com/checker/views/csrCheck.jsp



Decode certificate:

https://www.sslshopper.com/certificate-decoder.html



Generate Your Apache Self Signed Certificate



# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -sha256 -keyout samplestore.key -out samplestore.crt













































Nhận xét











Đăng nhận xét



















Bài đăng phổ biến từ blog này









CLEANING UP THE ZABBIX DATABASE





















 My Zabbix database size increased a lot in the last few months and since my disk was running out space, I decided to clean up the old events from the database.   Looking at the database tables, the biggest one was  history_uint , which holds the items history data – over 400 millions of records and over 30 Gb of disk space before the clean up.   Since deleting the old records from this table directly would be a very slow process, I decided to create a new table and insert the latest records from the  history_uint  table and then just replace the old table with a new one.   Since this is not an offical procedure, use it at your own risk.   Environment:  Zabbix v2.2  MySql 5.1 – InnoDB with  innodb_file_per_table=ON   Step 1 – Stop the Zabbix server   Step 2 – Open your favourite MySQL client and create a new table   CREATE TABLE  history_uint_new  LIKE  history_uint;   Step 3 – Insert the latest records from the  history_uint  table to the...








Đọc thêm










Configuring DHCP Relay service on the FortiGate unit





















 Configuring DHCP Relay service on the FortiGate unit  If the clients are configured to obtain a IP address using DHCP relay, configure the FortiGate server as below:   To configure DHCP relay on the FortiGate unit    1. Go to System > Network > Interfaces and select Interface want to configure DHCP relay.    2. Enable DHCP Server in the interface and choose Advanced    3. For Mode, select Relay.    4. In Type select Regular.    5. Select OK.    6. If a router is installed between the FortiGate unit and the DHCP server, define a static route to the DHCP server.   Note : Sometimes it is required to specify more than one DHCP relay IP, to allow for the coverage of additional LAN subnets. Although the Web Based Manager (GUI) does not provide an option to configure this, it is possible to set up to 8 IPs from the CLI.         config system interface              edit <REQUIRED_INTERFACE_HERE>    ...








Đọc thêm










[Resolved] Amazon EC2 Redhat 7 using 6GB for the root space




















Hình ảnh







I create new server with 10GB of HDD, but when i check on the command line, the root space only show 6GB. I'm using t2.micto and Redhat 7.0, disk type: XFS.            - xvda1: boot partition   - xvda2: root partition     Fix Step:   We have instance A with the volume VA.     1) Stop the current instace A   2) Snapshot the current volume VA of the instance A   3) Start the instance A   4) Create new volume with 25GB by using the snapshot of volume VA then we have new volume VB   5) Attach the new volume VB to the instance A as default (/dev/sdf)   6) From the ssh console, i use the lsblk command to list the disk.   # lsblk   7) Using the xfs_repair to repair the /dev/xvdf2  ( yum install xfsprogs)   # xfs_repair /dev/xvdf2         8) Continue as the image below         9) Remove the /dev/xvdf2, remember the start of this disk then we will create the new one with the same.            10) Using XFS command to repair the /dev/xvdf2 again.  # xfs_repair /dev/xvdf2  11) Use the lsblk co...








Đọc thêm