...
Code Block | ||
---|---|---|
| ||
su bhitch # Use a sudo enabled account. cd ~ mkdir private sudo chmod 700 ./private cd private openssl genrsa -out earth.com-_server.key 2048 |
The openssl command reads,
...
Panel | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
The private directory is not necessary but present for convention.
The openssl command reads,
Because we do not want to enter a password every time the web server is restarted, remove the password from the key file,
The next step is to generate the CSR. |
...
Code Block | ||
---|---|---|
| ||
openssl req -new -key earth.com-_server.key -out earth.com-_server.csr |
You will be prompted to enter information about the certificate. The values should reflect your organization.
...
The text file should be saved with the domain name and the crt extension and is your public key signed by that CA. In this example, it will be earth.com-_server.crt.
Download CA Certificates
...
It is recommend to change the ca.pem file to StartSSL-_Root_CA.pem.
Download Intermediate Certificates
...