« Web site directory - 613Chapter 23Running a Linux, Apache, MySQL, and PHP
615Chapter 23Running a (Starting a web site) Linux, Apache, MySQL, and PHP »

614Part VRunning ServersThe following procedure describes how to (Web hosting plans)

614Part VRunning ServersThe following procedure describes how to generate and use SSL keys with theLAMP server (running on a Debian GNU/Linux system) configured in this chapter. For a general discussion of SSL keys and procedures specific to Fedora and otherRed Hat Linux systems, refer to Chapter 6. Generating Your KeysTo begin setting up SSL, use the opensslcommand, which is part of the OpenSSLpackage, to generate your public and private key: 1.Use APT to verify that OpenSSL is installed. If it is not present, APT will down- load and install it automatically: # apt-get install openssl2.Generate a 1024-bit RSA private key and save it to a file: # cd /etc/apache/ssl.key/ # openssl genrsa -out server.key 1024# chmod 600 server.keyYou can use a filename other than server.keyand should do so if you plan tohave more than one SSL host on your machine (which requires more than one IPaddress). Just make sure you specify the correct filename in the Apache configura- tion later. In higher-security environments, it is a good idea to encrypt the key byaddingthe -des3argument after the genrsaargument on the opensslcommand line: # openssl genrsa -des3 -out server.key 10243.You are asked for a passphrase, which will be needed every time you startApache. Do not lose this passphrase because it cannot be easily recovered. 4.If you plan to have your certificate signed by a CA (including one that you runyourself), generate a public key and a certificate signing request (CSR): # cd ../ssl.csr/ # openssl req -new -key ../ssl.key/server.key -out server.csrCountry Name (2 letter code) [AU]:USState or Province Name (full name) [Some-State]:WashingtonLocality Name (eg, city) []:BellinghamOrganization Name (eg, company) [Internet Widgits PtyLtd]:Example Company, LTD. Organizational Unit Name (eg, section) []:Network OperationsCommon Name (eg, YOUR name) []:secure.example.orgEmail Address []:dom@example.orgPlease enter the following extra attributesto be sent with your certificate requestA challenge password []: An optional company name []: Note32_
You need excellent and relaible webhost company to host your web applications? Then pay a visit to Inexpensive Web Hosting services.

This entry was posted on Friday, November 9th, 2007 at 7:06 am and is filed under B5. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply