This script is from 2012 - now I'm using ➚ letsencrypt.org for my SSL-Certificats.
This is a small and easy script I wrote te create self-signed SSL-Certificates for my own Webapplications (e.g. Webmail). The certificates created with this Script are only for test purposes, and will create untrusted warning messages in browsers.
Script
#!/bin/bash echo "Generate Key:" /usr/bin/openssl genrsa -des3 -out server.key 1024 echo "Generate CSR (YOUR Name or Common Name is 'Fully Qualified Domain Name'):" /usr/bin/openssl req -new -key server.key -out server.csr echo "Remove Password from Key:" cp server.key server.key.org /usr/bin/openssl rsa -in server.key.org -out server.key rm server.key.org echo "Generate Certificate:" /usr/bin/openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt read -e -p "Enter Filename for *.crt and *.key files: " FILENAME # Move Files to /etc/apache2/ssl/ folder. # Have to be created by user if this folder doesn't exist. mv server.crt /etc/apache2/ssl/$FILENAME.crt mv server.key /etc/apache2/ssl/$FILENAME.key # Clean up rm -rf server.crt rm -rf server.csr rm -rf server.key echo "Moved $FILENAME.crt and $FILENAME.key to /etc/apache2/ssl" echo "DONE" exit 1
Apache Configuration
ports.conf (/etc/apache2/ports.conf):<IfModule mod_ssl.c> # SSL name based virtual hosts are not yet supported, therefore no # NameVirtualHost statement here NameVirtualHost *:443 Listen 443 </IfModule>000-default-ssl (/etc/apache2/sites-enabled/000-default-ssl):
<VirtualHost *:443> ServerName blabla.martin-enders.de ServerAlias blabla.martin-enders.de ServerAdmin webmaster@localhost SSLEngine on SSLCertificateFile /etc/apache2/ssl/mail.crt SSLCertificateKeyFile /etc/apache2/ssl/mail.key SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown CustomLog /var/log/apache2/ssl_request_log "%t %h %{SSL_PROTOKOLL}x %{SSL_CIPHER}x \"%r\" %b" DocumentRoot /var/www/ <Directory /> Options FollowSymLinks AllowOverride None </Directory> </VirtualHost>
Download
Nr. | File | Last Modification | Filesize |
---|---|---|---|
1. | generate-ssl-certificate | February 14 2012 08:32:23. | 892 B [892] |