Install httpd and implement self signed certificate

0

sudo yum install httpd -y
sudo apachectl start
sudo systemctl enable httpd
sudo apachectl configtest
sudo bash -c ‘echo This is my Web-Server1 running on Oracle Cloud Infrastructure >> /var/www/html/index.html’

sudo firewall-cmd –permanent –zone=public –add-service=http
sudo firewall-cmd –reload

https://gist.github.com/taoyuan/39d9bc24bafc8cc45663683eae36eb1a

yum install -y mod_ssl openssl

Generation of a Self Signed Certificate
Generation of a self-signed SSL certificate involves a simple 3-step procedure:

STEP 1: Create the server private key

openssl genrsa -out cert.key 2048
STEP 2: Create the certificate signing request (CSR)

openssl req -new -key cert.key -out cert.csr

Generating RSA private key, 2048 bit long modulus
…….+++
………..+++
e is 65537 (0x10001)
[root@ebsast ssl.key]# openssl req -new -key server.key -out server.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,

If you enter the field will be left blank.

Country Name (2 letter code) [XX]:IN
State or Province Name (full name) []:Karnataka
Locality Name (eg, city) [Default City]:Bengaluru
Organization Name (eg, company) [Default Company Ltd]:AppsDBA
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server’s hostname) []:ebsast.cloud-world.co.in
Email Address []:admin@appsdba.info

Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:password
An optional company name []:AppsDBA

STEP 3: Sign the certificate using the private key and CSR

openssl x509 -req -days 3650 -in cert.csr -signkey cert.key -out cert.crt
Congratulations! You now have a self-signed SSL certificate valid for 10 years.

update ssl.conf

cd /etc/httpd/conf.d

SSLCertificateFile /etc/httpd/conf/ssl.key/cert.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/cert.key

General setup for the virtual host, inherited from global configuration
DocumentRoot “/var/www/html”
ServerName www.ebsast.cloud-world.co.in:443

service httpd restart

Share.

About Author

Leave A Reply