...
Note |
---|
The above chown root:root command ensure the signed public key is protected. Also, if you are using a user other than root to start Apache, then adjust the file ownership to that user. |
Notice the permissions on the /etc/ssl/private folder is 710 and owned by root and the group ssl-cert,
Code Block | ||
---|---|---|
| ||
ls -al /etc/ssl/
total 44
drwxr-xr-x 4 root root 4096 2011-04-07 10:15 .
drwxr-xr-x 71 root root 4096 2011-06-08 14:22 ..
drwxr-xr-x 2 root root 20480 2011-06-21 11:41 certs
-rw-r--r-- 1 root root 9374 2010-10-06 20:51 openssl.cnf
drwx--x--- 2 root ssl-cert 4096 2011-06-13 20:59 private
|
If you opt to use your own private folder makes sure to set the same permissions.
Store the private key into the protected folder,
...