![]() You are about to be asked to enter information that will be incorporated Writing new private key to '/etc/apache2/ssl/apache.pem' We’ve specified the FQDN (fully qualified domain name) of the Linode for the “Common Name” entry, as this certificate will be used for generic SSL service. This example will create a certificate valid for 365 days you may wish to increase this value. Enter values appropriate for your organization and server, as shown here. OpenSSL will ask you for several configuration values. \): openssl req -new -x509 -sha256 -days 365 -nodes -out /etc/ssl/localcerts/apache.pem\ Note that this command should be issued on a single line, without the backslash (e.g. Issue the following command to generate the certificate itself. ![]() For convenience sake, we’re including the base domains for each site here (this prevents errors that would otherwise occur if the user doesn’t type the “www” part). Substitute your own domain names for “” and “”, adding additional domains delimited by commas. The environment variable “SAN” will be read to obtain a list of alternate DNS names that should be considered valid for new certificates.Īt the shell prompt, issue the following command to declare the names domain names that you want to include in your certificate: export SAN="DNS:DNS:, DNS:DNS:" These statements instruct OpenSSL to append your default support email address to the SAN field for new SSL certificates if no other alternate names are provided.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |