Web services

Revision as of 16:59, 25 February 2015 by Mhan (talk | contribs) (iwu)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

SSL/TLS

Generate a CSR

This will generate a 2048-bit key (secure & insecure) for usage on a website.

1. Create a secure key for CSR

# openssl genrsa -des3 -out server.key 2048
Generating RSA private key, 2048 bit long modulus
.....................+++
....................+++
e is 65537 (0x10001)
Enter pass phrase for server.key:
Verifying - Enter pass phrase for server.key:

2. Create an insecure key for CSR sourcing from the secure one

# openssl rsa -in server.key -out server.key.insecure
Enter pass phrase for server.key:
writing RSA key

3. Rename the keys

# mv server.key server.key.secure
# mv server.key.insecure server.key

4. Create the CSR

# openssl req -new -key server.key -out server.csr