SSL Certificate 만들기

SSL Certificate 만들기

NGINX나 SQUID에서 사용할 수 있는 SSL Certificate를 만들어보자.

출처

To create a private key, enter:
# openssl genrsa -des3 -out nixcraft.in.key 1024
Sample outputs:

Fig.01: OpenSSL - Create a Private Key


To create a CSR (Certificate Signing Request):
# openssl req -new -key nixcraft.in.key -out nixcraft.in.csr
Sample outputs:

Fig.02: OpenSSL - Create a CSR (Certificate Signing Request)


Please enter your domain name that you want to associate with the certificate. For example, for the Command Name I entered nixcraft.in as I’m going to use https://nixcraft.in/.

How Do I Remove The Passphrase? (Optional)

You can remove the passphrase so nginx can start on boot without entering the passphrase. Type the following commands
# cp nixcraft.in.key nixcraft.in.key.bak# openssl rsa -in nixcraft.in.key.bak -out nixcraft.in.key
Finally, you should see three files as follows (note I’ve created all files as vivek user and than moved lb0 and lb1 server /usr/local/ngnix/conf/ssl/ directory):
# ls -l
Sample outputs:

Fig.03: All the files in ssl directory


# openssl x509 -req -days 365 -in nixcraft.in.csr -signkey nixcraft.in.key -out nixcraft.in.crt
Sample outputs:

Fig.04: Generating The Actual Self-signed  SSL Certificate

Leave a Reply