The private directory is not necessary but present for convention. Code Block |
---|
su serveradmin
cd ~
mkdir private
sudo chmod 700 ./private
cd private
openssl genrsa -aes256 -out server.key 2048 |
The openssl command reads, - genrsa - generate asymmetric keys
- aes266- - protect the RSA key with a passphrase using CBC AES 256 symmetric key encyrption
- 2048 - make the RSA private key 2048 bit
Because we do not want to enter a password every time the web server is restarted, Note |
---|
If you need to remove the remove the password from the key file, Code Block |
---|
| openssl rsa -in server.key -out server.key.insecure |
|
The next step is to generate the CSR. |