How to create SSL certificate in OpenSUSE
How to create SSL certificate in OpenSUSE
The SSL is a web protocol that is used to send traffic between server and client in a secured manner. It provides a secure and encrypted transactions between the browser and websites. This protocol generates a certificate which the end user has to authenticate themselves. This article will explain the installation of SSL certificate on OpenSUSE to initiate secure session.
Creation of SSL certificate
To start the creation of SSL certificate, create a key pair by executing the following command.
linuxhelp1:~ # openssl genrsa -des3 -out server.key -rand random
0 semi-random bytes loaded
Generating RSA private key, 1024 bit long modulus
.
.
.
Enter pass phrase for server.key:
Verifying - Enter pass phrase for server.key:
Sign the created public key and create a digital certificate by running the following command.
linuxhelp1:~ # openssl req -new -x509 -key server.key -out server.crt
Enter pass phrase for server.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
.
.
.
Common Name (e.g. server FQDN or YOUR name) []:linuxhelp1
Email Address []:linuxhelp@gmail.com
Next, copy the Public Key and digital certificate to the below mentioned folders.
linuxhelp1:~ # cp server.key /etc/apache2/ssl.key/
linuxhelp1:~ # cp server.crt /etc/apache2/ssl.crt
Configure the OpenSSL in Apache configuration file as shown below.
linuxhelp1:~ # vim /etc/sysconfig/apache2
APACHE_SERVER_FLAGS=" SSL"
APACHE_START_TIMEOUT=" 10"
Copy the vhost-ssl.template file to the directed destination folder by executing the following command.
linuxhelp1:~ # cp /etc/apache2/vhosts.d/vhost-ssl.template /etc/apache2/vhosts.d/vhost-ssl.conf
Edit the default-server.conf file by running the following command.
linuxhelp1:~ # vim /etc/apache2/default-server.conf
Include /etc/apache2/conf.d/*.conf
Include /etc/apache2/vhosts.d/*.conf
Next configure the vhost-ssl.conf by executing the vim editor and enter the following content into the file as follows. Save and exit from the file.
linuxhelp1:~ # vim /etc/apache2/vhosts.d/vhost-ssl.conf
< IfDefine SSL>
< IfDefine !NOSSL>
< VirtualHost _default_:443>
DocumentRoot " /srv/www/htdocs"
ServerName localhost:443
ErrorLog /var/log/apache2/error_log
TransferLog /var/log/apache2/access_log
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLCertificateFile /etc/apache2/ssl.crt/server.crt
SSLCertificateKeyFile /etc/apache2/ssl.key/server.key
< FilesMatch " .(cgi|shtml|phtml|php)$" >
SSLOptions +StdEnvVars
< /FilesMatch>
< Directory " /srv/www/cgi-bin" >
SSLOptions +StdEnvVars
< /Directory>
BrowserMatch " MSIE [2-5]"
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
CustomLog /var/log/apache2/ssl_request_log ssl_combined
< /VirtualHost>
< /IfDefine>
< /IfDefine>
Now restart the Apache service and execute the network utility tool netstat for checking the TCP service.
linuxhelp1:~ # systemctl restart apache2.service Enter SSL pass phrase for localhost:443 (RSA): ********** Check the https port listening . linuxhelp1:~ # netstat -an | grep 443 tcp 0 0 :::443 :::* LISTEN
Open the browser and check the SSL output by running the target system' s IP.
A secure message is shown below.
The creation of SSL certificate in OpenSUSE is done successfully.