Boooooooooooorrreeeeedddd!
Installation on Apache Windows.
Key bit size: 2048-bit.
Ok, then...Step 1: Generate the Private Key.
The "openssl" is used to generate key and CSR. It comes with OpenSSL package and is usually installed into /usr/local/ssl/bin.
If not, these function will have to be adjusted.
Open a command promt and type the following command. Write "openssl" first in the command promt.
By the way, for all SSL certificates, the CSR key bit length must be 2048.
enter then a secure password and remember it. that password will protect the private key.
Just in case: To bypass the pass phrase, omit the -des3 option while generating the private key.
Second Step: Generating the CSR
Type this command at the prompt:
Enter then the pass phrase of the private key.
Then the command will prompt the X.509 attributes of the certificate.
Country name: you should use two-letters code without punctuation for country, ex: RO
State or Province: fill there the state completely, not abbreviate.
Locality or City: The Locality field is the city or town name as I think you know.
Company: your company name.
Organizational Unit(Optional): it is optional. OU field is the name of the department or organization unit making the request. To skip, press ENTER.
Common Name: It`s the Host + Domain Name. ex: "www.angell.com" or "angell.com"
NOTE: a certificate for domain "angell.com" will receive a warning if accessing a site named "www.angell.com" or "secure.angell.com".
Skip the other steps...
The public/private key has been created. The private key is stored on the locally server machine and is used for decrypton.
:)
Installation on Apache Windows.
Key bit size: 2048-bit.
Ok, then...Step 1: Generate the Private Key.
The "openssl" is used to generate key and CSR. It comes with OpenSSL package and is usually installed into /usr/local/ssl/bin.
If not, these function will have to be adjusted.
Open a command promt and type the following command. Write "openssl" first in the command promt.
Code:
openssl genrsa -des3 -out <file name of the private key>.key 2048
enter then a secure password and remember it. that password will protect the private key.
Just in case: To bypass the pass phrase, omit the -des3 option while generating the private key.
Second Step: Generating the CSR
Type this command at the prompt:
Code:
openssl req -new -key <file name of the private key>.key -config "C:\AppServ\Apache2.2\conf\openssl.cnf" -out <csr file name>.csr
Then the command will prompt the X.509 attributes of the certificate.
Country name: you should use two-letters code without punctuation for country, ex: RO
State or Province: fill there the state completely, not abbreviate.
Locality or City: The Locality field is the city or town name as I think you know.
Company: your company name.
Organizational Unit(Optional): it is optional. OU field is the name of the department or organization unit making the request. To skip, press ENTER.
Common Name: It`s the Host + Domain Name. ex: "www.angell.com" or "angell.com"
NOTE: a certificate for domain "angell.com" will receive a warning if accessing a site named "www.angell.com" or "secure.angell.com".
Skip the other steps...
The public/private key has been created. The private key is stored on the locally server machine and is used for decrypton.
:)