...
This is the generally accepted method of generating the key,
Code Block | ||
---|---|---|
| ||
su serveradmin
cd ~
mkdir private
sudo chmod 700 ./private
cd private
openssl genrsa -out server.key 2048
|
The openssl command reads,
- 2048 - make the RSA private key 2048 bit
Note |
---|
Notice the creation of the private directory. It is very important that only the proper administrators should have access to the private key. |
The next step is to generate the CSR.
...
If a password is used, a password will need to be entered whenever the service using the certificate is started.
Panel | |||||||||
---|---|---|---|---|---|---|---|---|---|
The private directory is not necessary but present for convention.
The openssl command reads,
Because we do not want to enter a password every time the web server is restarted, remove the password from the key file,
The next step is to generate the CSR. |
...