Results 1 to 6 of 6
  1. #1

    Trouble generating OpenSSL certificate.

    I know its not a true certificate but its all that is required for us. Anyway, we are having trouble generating the certificate. We are doing what OpenSSL.org says which is this:

    CA.pl -newca
    CA.pl -newreq
    CA.pl -signreq
    CA.pl -pkcs12 "My Test Certificate"

    However when we do that we get an error of cannot find CA.pl. Sorry, but that is not the exact error message, and my friend is not awake yet so I can't tell you the exact message, but I think you get the point.

  2. #2
    Join Date
    Jul 2001
    Location
    Soperton, GA
    Posts
    18
    This is how we do it:

    # generate server RSA private key:
    $ openssl genrsa -rand random 1024 > server.key

    # generate server CSR (Certificate Signing Request):
    $ openssl req -new -key server.key -out server.csr
    (You will be prompted for information here. Remember 'Common Name' is the full domain name of your website.)

    # generate server certificate (self-signed) (the RSA public key)
    $ openssl x509 -req -days 1825 -in server.csr -signkey server.key -out server.crt

    The file 'server.crt' is your certificate. You can name this anything you want.
    -x- http://OnlineeXtreme.com -x-
    -x- IT Development -x- Web Hosting -x- Web Design -x-

  3. #3
    Thanks Ed it worked. However, we cant get our website to show under https. We've opened up port 443 but are still unable to get anything. The website is on Apache, do we need anything else?

  4. #4
    Join Date
    Jul 2001
    Location
    Soperton, GA
    Posts
    18
    Just so you know, I got your PM...

    - Make sure that in your httpd.conf file, your configuration directives for SSL are correct. (correct location of server cert, proper syntax, etc.)

    - Make sure it is listening on port 443. $ netstat -nap | grep LISTEN

    - Also check your error logs to see what is going on.
    -x- http://OnlineeXtreme.com -x-
    -x- IT Development -x- Web Hosting -x- Web Design -x-

  5. #5
    Join Date
    Jul 2002
    Posts
    311
    Hi,

    Let me First tell you that my sever is running RH Linux /Cpanel ver7 with Phpsuexec mode enabled.

    i just tried out the steps mentioned above to genereate the OpenSSL certificate for a domain. But i am not sure what happened was right or wrong

    my client has also uploaded a script called "checkout.php" I have set the permission of that script to 755

    Now how do i know what i did was right ? and is the cert enabled for that domain ?

    how to i access it http or https ?

    Etc etc ?

    Pls reply

  6. #6
    Join Date
    Jul 2001
    Location
    Soperton, GA
    Posts
    18
    <snip>Now how do i know what i did was right ? and is the cert enabled for that domain?</snip>
    If you enter https://www.yourdomain.com and cert info pops up, it is working.
    If not, see above.

    I don't know how to use CPanel to generate cert's since I do it from the command line.
    -x- http://OnlineeXtreme.com -x-
    -x- IT Development -x- Web Hosting -x- Web Design -x-

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •