redhat_Linux

Create Self Signed SSL Certificate – CentOS and RHEL

by Farooq Ahmed | Dec 7, 2015 | RHEL / CentOS

This article will guide you on creating a custom Self-signed SSL Certificate in no time. For creating one you would need top have Root access to the host. SSL Certificate is used for securing the access to a website or any apache based WebUI you use and that includes Nagios and Cacti.

First would need to generate the custom certificate files. That would include creating 3 files for it.

File1*.key
File2*.csr
File3*.crt

Then would need to generate the SSLCertificate file “/etc/pki/tls/”

# cd /etc/pki/tls

# openssl genrsa -out test-server.hm.local.key 2048

# openssl req -new -key test-server.hm.local.key -out test-server.hm.local.csr

Output

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:GB
State or Province Name (full name) []:State
Locality Name (eg, city) [Default City]:NewCity
Organization Name (eg, company) [Default Company Ltd]:Vizio Ltd.
Organizational Unit Name (eg, section) []:DEV
Common Name (eg, your name or your server's hostname) []:Nagios and Cacti Server
Email Address []:admin@vizio.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:password
An optional company name []:Vizio Ltd

# openssl x509 -req -days 1095 -in test-server.hm.local.csr -signkey test-server.hm.local.key -out test-server.hm.local.crt

And then move the Key, CSR and Cert to the TLS folder on the host

# mv test-server.hm.local.crt /etc/pki/tls/certs/

# mv test-server.hm.local.key /etc/pki/tls/private/

# mv test-server.hm.local.csr /etc/pki/tls/private/

Reflect the location of the newly generated Certs by editing “ssl.conf”

NOTE: If there is no “ssl.conf” then you need to install openssl.

# yum -y install openssl openssl-devel mod_ssl

# vi /etc/httpd/conf.d/ssl.conf

SSLCertificateFile /etc/pki/tls/certs/test-server.hm.local.crt

SSLCertificateKeyFile /etc/pki/tls/private/test-server.hm.local.key

Lastly Restart Apache Service for the Cert to be navigated and picked up

# service httpd restart

Related Articles….

Install latest Ansible version on Debian 10 (Buster)

by Farooq Ahmed | Jul 26, 2022 | Debian Buster (10)

This article will guide you on installing latest version of Ansible on a Debian 9/10 host. For this article I will be...

Install latest Nginx version from source – Debian 10 (Buster)

by Farooq Ahmed | Jul 13, 2022 | Debian Buster (10)

This article shows you how to install Nginx version 1.23 (at the time of writing this article) on a RaspberryPi...

Generate/sign CSR with subject Alternative Name (SAN) – CentOS7/RHEL7

by Farooq Ahmed | Dec 28, 2018 | RHEL / CentOS

This article will guide you through generating and signing a CSR and at the same time including SubjectAltName within...

Setup/Install WebPasswordsafe (WPS) on CentOS7/RHEL7

by Farooq Ahmed | Dec 24, 2018 | RHEL / CentOS

This article will guide you on installing/setup of WebPasswordsafe v1.3 (WPS) on CentOS7/RHEL7. This is a Password...

Enable https on WebPasswordSafe (WPS) on CentOS7/RHEL7

by Farooq Ahmed | Dec 24, 2018 | RHEL / CentOS

This article will guide you through Enabling https on WebPasswordSafe v1.3. The assumption is that you already have a...

Setup MariaDB on CentOS7/RHEL7

by Farooq Ahmed | Dec 24, 2018 | RHEL / CentOS

This article will guide through installing MariaDB server and its configuration on CentOS7/RHEL7. The assumption for...

« Older Entries