one-step self-signed SSL certificate
Posted on May 31st, 2005 in , by jud || No Comment
Create self-signed certificates is useful when managing apache and dovecot imap servers. I have always found it to be a pain to create the certificates. Here’s simple instructions for creating one.
http://www.technocage.com/~caskey/openssl/
In a nutshell,
openssl req -new -newkey rsa:1024 -days 365 -nodes -x509 -keyout www.example.com.pem -out www.example.com.pem
You can then use the file above in apache with the following two lines
SSLEngine On
SSLCertificateFile www.example.com.pem
In my case, I created a separate cert and private key:
openssl req -new -newkey rsa:1024 -days 365 -nodes -x509 -keyout private/www.example.com.pem -out cert/www.example.com.pem
and installed them so that dovecot (and thunderbird) would use them. I added the year in the cert UO field.
Leave a Reply