...
Code Block | ||
---|---|---|
| ||
su bhitch # Use a sudo enabled account.
cd ~
mkdir private
sudo chmod 700 ./private
cd private
openssl genrsa -out www.earth.com_server.key 2048
|
...
Panel | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
The private directory is not necessary but present for convention.
The openssl command reads,
Because we do not want to enter a password every time the web server is restarted, remove the password from the key file,
The next step is to generate the CSR. |
...
Code Block | ||
---|---|---|
| ||
openssl req -new -key www.earth.com_server.key -out www.earth.com_server.csr |
You will be prompted to enter information about the certificate. The values should reflect your organization.
...
Note |
---|
Some CA such as StartSSL includes the base domain always in the Subject Alternative Name extension together with the chosen common name so both www.myraphamearth.com and myraphamearth.com will have ssl support. |
...