Create Self Signed SSL Certificate - CentOS and RHEL

This article will guide you on creating a custom Self-signed SSL Certificate in no time. For creating one you would need top have Root access to the host. SSL Certificate is used for securing the access to a website or any apache based WebUI you use and that includes Nagios and Cacti.

First would need to generate the custom certificate files. That would include creating 3 files for it.

  1. File1*.key
  2. File2*.csr
  3. File3*.crt

Then would need to generate the SSLCertificate file "/etc/pki/tls/"

# cd /etc/pki/tls
# openssl genrsa -out test-server.hm.local.key 2048
# openssl req -new -key test-server.hm.local.key -out test-server.hm.local.csr

Output

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:GB
State or Province Name (full name) []:State
Locality Name (eg, city) [Default City]:NewCity
Organization Name (eg, company) [Default Company Ltd]:Vizio Ltd.
Organizational Unit Name (eg, section) []:DEV
Common Name (eg, your name or your server's hostname) []:Nagios and Cacti Server
Email Address []:admin@vizio.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:password
An optional company name []:Vizio Ltd
# openssl x509 -req -days 1095 -in test-server.hm.local.csr -signkey test-server.hm.local.key -out test-server.hm.local.crt

And then move the Key, CSR and Cert to the TLS folder on the host

# mv test-server.hm.local.crt /etc/pki/tls/certs/
# mv test-server.hm.local.key /etc/pki/tls/private/
# mv test-server.hm.local.csr /etc/pki/tls/private/

Reflect the location of the newly generated Certs by editing “ssl.conf”

NOTE: If there is no "ssl.conf" then you need to install openssl.

# yum -y install openssl openssl-devel mod_ssl

# vi /etc/httpd/conf.d/ssl.conf

SSLCertificateFile /etc/pki/tls/certs/test-server.hm.local.crt
SSLCertificateKeyFile /etc/pki/tls/private/test-server.hm.local.key

Lastly Restart Apache Service for the Cert to be navigated and picked up

# service httpd restart

Most Read Articles

Add/Detect a new disk in ...

Written By Farooq Mohammed Ahmed on Sunday, 11 January 2015 19:22
Add/Detect a new disk in ...

Replace SSL Certificates ...

Written By Farooq Mohammed Ahmed on Friday, 16 December 2016 08:05
Replace SSL Certificates ...

Using awk in Alias Comman...

Written By Farooq Mohammed Ahmed on Friday, 19 February 2016 14:22
Using awk in Alias Comman...

Sed - Insert Text before ...

Written By Farooq Mohammed Ahmed on Monday, 20 November 2017 00:58
Sed - Insert Text before ...

Script to Monitor Nagios ...

Written By Farooq Mohammed Ahmed on Monday, 18 July 2016 22:48
Script to Monitor Nagios ...