SSL Certificates, and Self-Signing
We'll generate three files, and end up using two of them. First, we generate the RSA keypair (host.key, which is in BASE64 PEM format, which is why the file often has a .pem filename extension).
Then, we generate a CSR = Certificate Signing Request file (host.csr), which associates the key with the organisation's identity (specified in X.509 format, which is similar to LDAP/X.500), and could theoretically be shipped off to Verisign or another Certificate Authority (CA) to be digitally signed. Last, we have Client purport to self-sign the CSR file (in lieu of a CA), resulting in host.crt, the certificate file -- at which point host.csr can be discarded. All of this is done with the "openssl" binary.
And then Apache must be configured to use the two files, and restarted. That's it. So:
$ openssl genrsa -rand file1:file2[...] -out host.key 2048
You give several filespecs delimited by colons to give openssl enough entropy to work with. We're omitting the "-des3" switch, which causes the private key to be stored in symmetrically-encrypted form to protect it against being stolen by shell users, the downside of which is Client would have to supply the 3DES key to read the private key every time Apache restarts. Which is a big downside, and is why almost nobody ever does it.
$ openssl req -new -sha256 -key host.key -out host.csr
You'll be prompted for several strings to build an X.500-style Distinguished Name (two-letter country name, state, city, organisation, Apache hostname -- which will be disguised in this context as "Common Name" -- and administrative e-mail address). It's important that the hostname ("Common Name") exactly match what's specified in httpd.conf, or users will get a warning about the mismatch.
OpenSSL will ask you for a 'challenge password'. This optional value would be a shared-secret nonce between you and an SSL issuer embedded in the CSR, that the issuer could later use to authenticate you if necessary. It's superflous for self-signed certs (where you are both issuer and signer), so push return to enter null.
Now, you get to generate the actual cert, and decide how many days from today's date it should expire. (In this example, we say two years = 730.)
$ openssl x509 -req -sha256 -days 730 -in host.csr -signkey host.key -out host.crt
Last, we find the SSLCertificateFile and SSLCertificateKeyFile lines in httpd.conf, put the two host.* files (omitting the now-superfluous .csr one) in the indicated directories, edit the two httpd.conf lines, save, and restart Apache. host
Example Apache conf lines:
[RM 2011 note: At this writing, OpenSSL has the serious defect that it doesn't yet support TLS 1.2, and the prior TLS 1.1 and TLS 1.0 / SSL 3.0 protocols are seriously flawed. One workaround to consider is using GNUTLS rather than OpenSSL on the server end. There are detailed instructions for Apache2 conversion.]
[RM 2014 note: Whoops, GnuTLS turns out to be pretty dreadful, so never mind that idea.
Package to implement a certificate server (PKI), openCA: http://www.openca.org/
From: WIAME Jean-Robert - REM0VE-N0-1SPAM (jrw-abc_REM0VE-N0-1SPAM@ngi.be)
Organization: National Geographic Institute of Belgium
X-Mailer: Ximian Evolution 1.4.5
Date: Tue, 04 Nov 2003 10:38:50 +0100
Subject: Re: certificate server
There are also :
http://sourceforge.net/projects/elyca/ (no longer developed since 2006; uses OpenSSL and MySQL)
CSP: Certificate Service Provider :
Date: Tue, 4 Nov 2003 12:39:23 +0100 (CET)
From: Henrik Andreasson (firstname.lastname@example.org)
Subject: Re: certificate server
If you're out to get a larger CA server (works for smaller installations too), check out ejbca, build on Enterprise Java Beans.
ejbca.sf.net / http://sourceforge.net/projects/ejbca
Related: Excellent tutorial on running your own Certificate Authority:
Optional addon: A graphical interface for the CA features of OpenSSL (in Perl/gtk2 -- beta): https://opsec.eu/src/tinyca/