Unable to have SSL Cert generated
Hi folks,
Archlinux 86_64 2007-08-2 On running $ sudo openssl rsa -in server.key -out server.key Code:
Error opening Private Key server.key On runniing; Code:
$ sudo openssl req -new -x509 -newkey rsa:1024 -days 365 -keyout server,key -out server.crt What FQDN shall I use on "Common Name"? On googling I found; TIP Setup Your FQDN http://gentoo-wiki.com/TIP_Setup_Your_FQDN Do I need to do the same on Arch? TIA B.R. satimis |
What does this report;
hostname --fqdn |
Quote:
Quote:
Regards |
Quote:
I can't find server.key file, $ locate server.key $ sudo find / -name server.key Without printout Where can I download the file? TIA Quote:
On browser both "satimis.com" and "www.satimis.com" works which of them shall I put. B.R. satimis |
Have alook at something like http://www.xenocafe.com/tutorials/li...ates/index.php There are plenty of sites if you google for them
satimis.com is not a fqdn, www.satimis.com is, so don't use the former. Which of the others to use will depend a bit on the use. If you are wanting to set up ssl for www.satimis.com, use that and you'll get fewer questions from browsers. |
Quote:
I followed "SSL certs" on SOHO Postfix on; http://wiki.archlinux.org/index.php/SOHO_Postfix to proceed and encountered this problem unable to find "server.key" file. I'll go through your link and start again. Quote:
B.R. satimis |
Quote:
Code:
localhost.localdomain $ cat /etc/hosts Code:
# $ hostname Code:
arch.satimis.com Code:
localhost.localdomain $ cat /etc/rc.conf | grep -i hostname Code:
HOSTNAME="arch.satimis.com" B.R. satimis |
The server.key will be created after you run:
Code:
sudo openssl req -new -x509 -newkey rsa:1024 -days 365 -keyout server.key -out server.crt Then run the 2nd command to remove passphrase: Code:
sudo openssl rsa -in server.key -out server-no-pass.key |
Quote:
Edit /etc/hosts change; Code:
127.0.0.1 localhost.localdomain localhost arch.satimis.com Code:
127.0.0.1 arch.satimis.com arch $ hostname arch.satimis.com $ hostname -f arch.satimis.com $ hostname --fqdn arch.satimis.com All output are the same now. Would there is any problem omitting "localhost.localdomain" and "localhost" on /etc/hosts ??? Quote:
B.R. satimis |
Quote:
Code:
127.0.0.1 localhost Quote:
Read openssl howto for more details and specially this paragraph that explains how to create a self-signe certificate. Regards |
Quote:
Edit /etc/hosts Make change as follow; Code:
127.0.0.1 localhost $ hostname --fqdn arch.satimis.com $ hostname arch.satimis.com $ hostname -f arch.satimis.com All having the same output. Thanks Redo "SSL certs" http://wiki.archlinux.org/index.php/SOHO_Postfix $ cd /etc/ssl/certs/ $ sudo openssl req -new -x509 -newkey rsa:1024 -days 365 -keyout server.key -out server.crt Code:
$ sudo openssl rsa -in server.key -out server-no-pass.key Code:
Enter pass phrase for server.key: Continued; $ sudo chown nobody:nobody server.key $ sudo chmod 600 server.key $ sudo mv server.key /etc/ssl/private/ All w/o complaint. That completes this section. Lot of thanks for your kind help. B.R. satimis |
Glad to see you've made it.
Regards |
All times are GMT -5. The time now is 04:02 PM. |