httpd + ssl

  Linux

cd /etc/httpd/conf
sudo rm ssl.key/server.key ssl.crt/server.crt
sudo bash -c “openssl genrsa 1024 > ssl.key/server.key”
sudo chmod 600 ssl.key/server.key
sudo vi /usr/share/ssl/certs/Makefile
— /usr/share/ssl/certs/Makefile.20050104031047 2004-06-23 01:11:02.000000000 +0900
+++ /usr/share/ssl/certs/Makefile 2005-01-04 03:12:25.000000000 +0900
@@ -30.7 +30.7 @@
umask 77 ; \
PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
– /usr/bin/openssl req -newkey rsa:1024 -keyout $$PEM1 -nodes -x509 -days 365 -out $$PEM2 ; \
+ /usr/bin/openssl req -newkey rsa:1024 -keyout $$PEM1 -nodes -x509 -days 3650 -out $$PEM2 ; \
cat $$PEM1 > $@ ; \
echo “” >> $@ ; \
cat $$PEM2 >> $@ ; \
@@ -46.7 +46.7 @@

%.crt: %.key
umask 77 ; \
– /usr/bin/openssl req -new -key $^ -x509 -days 365 -out $@
+ /usr/bin/openssl req -new -key $^ -x509 -days 3650 -out $@

KEY=/etc/httpd/conf/ssl.key/server.key
CSR=/etc/httpd/conf/ssl.csr/server.csr
@@ -62.4 +62.4 @@

$(CRT): $(KEY)
umask 77 ; \
– /usr/bin/openssl req -new -key $(KEY) -x509 -days 365 -out $(CRT)
+ /usr/bin/openssl req -new -key $(KEY) -x509 -days 3650 -out $(CRT)

sudo make testcert
sudo openssl rsa -in ssl.key/server.key -out ssl.key/server.key