development:openssl
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | Next revision Both sides next revision | ||
|
development:openssl [2016/11/12 03:25] anthonysena |
development:openssl [2016/11/12 03:30] anthonysena |
||
|---|---|---|---|
| Line 3: | Line 3: | ||
| This page will detail how to use [[https://www.openssl.org/|OpenSSL]] to create a Certificate Authority and how to generate a Secure Socket Layer (SSL) certificate for use with a web server such as Apache Tomcat. This is useful when you need to use SSL on a local development machine. As a general rule of thumb, if you need an SSL certificate for use on either a production or non-production instance, you should contact your organization's IT team to obtain a certificate that will work properly in your environment. | This page will detail how to use [[https://www.openssl.org/|OpenSSL]] to create a Certificate Authority and how to generate a Secure Socket Layer (SSL) certificate for use with a web server such as Apache Tomcat. This is useful when you need to use SSL on a local development machine. As a general rule of thumb, if you need an SSL certificate for use on either a production or non-production instance, you should contact your organization's IT team to obtain a certificate that will work properly in your environment. | ||
| - | ===== Creating a Certificate Authority ===== | + | ==== Creating a Certificate Authority ==== |
| The following link describes the steps for creating a [[https://jamielinux.com/docs/openssl-certificate-authority/introduction.html|Certificate Authority using OpenSSL]]. Read the introduction and follow the instructions that are detailed in [[https://jamielinux.com/docs/openssl-certificate-authority/create-the-root-pair.html|create-the-root-pair]] and then [[https://jamielinux.com/docs/openssl-certificate-authority/create-the-intermediate-pair.html|create-the-intermediate-pair]]. For those using Windows, please note that you will need to modify the configuration files (openssl.cnf) that are referenced in the article since the paths are specific to Linux. For example, here is how the [CA_default] section would look for Windows: | The following link describes the steps for creating a [[https://jamielinux.com/docs/openssl-certificate-authority/introduction.html|Certificate Authority using OpenSSL]]. Read the introduction and follow the instructions that are detailed in [[https://jamielinux.com/docs/openssl-certificate-authority/create-the-root-pair.html|create-the-root-pair]] and then [[https://jamielinux.com/docs/openssl-certificate-authority/create-the-intermediate-pair.html|create-the-intermediate-pair]]. For those using Windows, please note that you will need to modify the configuration files (openssl.cnf) that are referenced in the article since the paths are specific to Linux. For example, here is how the [CA_default] section would look for Windows: | ||
| - | [ CA_default ] | + | [ CA_default ] |
| - | # Directory and file locations. | + | # Directory and file locations. |
| - | dir = C:\\My Projects\\keystore\\root\\ca | + | dir = C:\\<your directory>\\root\\ca |
| - | certs = $dir\\certs | + | certs = $dir\\certs |
| - | crl_dir = $dir\\crl | + | crl_dir = $dir\\crl |
| - | new_certs_dir = $dir\\newcerts | + | new_certs_dir = $dir\\newcerts |
| - | database = $dir\\index.txt | + | database = $dir\\index.txt |
| - | serial = $dir\\serial | + | serial = $dir\\serial |
| - | RANDFILE = $dir\\private\\.rand | + | RANDFILE = $dir\\private\\.rand |
| + | Note the change to the ''dir'' setting to include the full path to the root/ca folder that is created along with the changes to the $dir settings to use a double backslashes ''\\'' instead of a single foward slash '/'. | ||
development/openssl.txt · Last modified: 2016/11/12 03:47 by anthonysena
Page Tools
