You generate a private key and a certificate request for the Apache Web server. Send this request to your certification authority (CA). When your CA has signed the server certificate you collect it from the CA along with the root certificate. You then store the certificates and the key in the directories beneath <TREX_DIR>/Apache/conf/. Use the cryptography tool OpenSSL to generate the key and certificates.
Prerequisites
You have generated the cryptography tool OpenSSL and the corresponding library modSSL (libssl.so) using a build script (seeProviding Cryptography Software for the Apache Web Server). The generated files are stored in the following directories:
Procedure
openssl genrsa -des3 -out server.key 1024
openssl rsa -in server.key -out serveru.key
If you are using a server.key, the Apache Web server asks you to enter a password every time you start it. Converting server.key to serveru.key avoids this.
openssl req -new -key serveru.key -out serveru.csr
Result
You now have the following files:
Storage Locations for Certificates and Keys
Certificate/Key | Directory |
---|---|
serveru.key |
<TREX_DIR>/Apache/conf/ssl.key |
serveru.crt ca.crt |
<TREX_DIR>/Apache/conf/ssl.crt |
serveru.csr |
<TREX_DIR>/Apache/conf/ssl.csr |
Result
In the next step you enter the files and paths to their storage locations into the configuration file httpd.conf of the Apache Web server in order to configure the Web server for secure communication with SSL.