The SSL is a web protocol that is used to send traffic between server and client in a secured manner. It provides a secure and encrypted transactions between the browser and websites. This protocol generates a certificate which the end user has to authenticate themselves. This article will explain the installation of SSL certificate on OpenSUSE to initiate secure session.
To start the creation of SSL certificate, create a key pair by executing the following command.
linuxhelp1:~ # openssl genrsa -des3 -out server.key -rand random 0 semi-random bytes loaded Generating RSA private key, 1024 bit long modulus . . . Enter pass phrase for server.key: Verifying - Enter pass phrase for server.key:
Sign the created public key and create a digital certificate by running the following command.
linuxhelp1:~ # openssl req -new -x509 -key server.key -out server.crt Enter pass phrase for server.key: You are about to be asked to enter information that will be incorporated into your certificate request. . . . Common Name (e.g. server FQDN or YOUR name) :linuxhelp1 Email Address :firstname.lastname@example.org
Next, copy the Public Key and digital certificate to the below mentioned folders.
linuxhelp1:~ # cp server.key /etc/apache2/ssl.key/ linuxhelp1:~ # cp server.crt /etc/apache2/ssl.crt
Configure the OpenSSL in Apache configuration file as shown below.
linuxhelp1:~ # vim /etc/sysconfig/apache2 APACHE_SERVER_FLAGS="SSL" APACHE_START_TIMEOUT="10"
Copy the vhost-ssl.template file to the directed destination folder by executing the following command.
linuxhelp1:~ # cp /etc/apache2/vhosts.d/vhost-ssl.template /etc/apache2/vhosts.d/vhost-ssl.conf
Edit the default-server.conf file by running the following command.
linuxhelp1:~ # vim /etc/apache2/default-server.conf Include /etc/apache2/conf.d/*.conf Include /etc/apache2/vhosts.d/*.conf
Next configure the vhost-ssl.conf by executing the vim editor and enter the following content into the file as follows. Save and exit from the file.
linuxhelp1:~ # vim /etc/apache2/vhosts.d/vhost-ssl.conf <IfDefine SSL> <IfDefine !NOSSL> <VirtualHost _default_:443> DocumentRoot "/srv/www/htdocs" ServerName localhost:443 ErrorLog /var/log/apache2/error_log TransferLog /var/log/apache2/access_log SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 SSLCertificateFile /etc/apache2/ssl.crt/server.crt SSLCertificateKeyFile /etc/apache2/ssl.key/server.key <FilesMatch ".(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory "/srv/www/cgi-bin"> SSLOptions +StdEnvVars </Directory> BrowserMatch "MSIE [2-5]" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 CustomLog /var/log/apache2/ssl_request_log ssl_combined </VirtualHost> </IfDefine> </IfDefine>
Now restart the Apache service and execute the network utility tool netstat for checking the TCP service.
linuxhelp1:~ # systemctl restart apache2.service Enter SSL pass phrase for localhost:443 (RSA): ********** Check the https port listening . linuxhelp1:~ # netstat -an | grep 443 tcp 0 0 :::443 :::* LISTEN
Open the browser and check the SSL output by running the target system's IP.
A secure message is shown below.
The creation of SSL certificate in OpenSUSE is done successfully.
Thank you! for using Linux Help.
You find this tutorial helpful? Share with your friends to keep it alive.
For more help topics browse our website www.linuxhelp.com
Be the first to comment, we value your suggestions. For further queries please comment below.