Generating SSL Certificate in DAB Appliances
Jump to navigation
Jump to search
Introduction
If the Makefile for DAB has:
dab install apache2-mpm-prefork apache2
then all SSL related files will have been installed like the ssl-cert package which now has the make-ssl-cert program.
This article describes ways to generate the SSL certificates for maintaining uniqueness amongst cloned VMs or for those that have none.
Console TextGUI method
One such easy and simple method using a console TextGUI is shown below:
make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
Private/Public Key pair method
Another method using a Private/Public Key pair is achieved by:
cd /etc/ssl/private openssl genrsa 1024 > mysite.pem cd /etc/ssl/certs openssl req -new -key ../private/mysite.pem -x509 -days 9999 -out mysite.pem /etc/init.d/apache2 reload
SSL key regeneration
To regenerate the existing template SSL keys, another method is:
make-ssl-cert generate-default-snakeoil --force-overwrite
The snakeoil files in the /etc/ssl/certs/ and /etc/ssl/private folders get re-genertaed with the above command.