Create SSL certificate with OpenSSL

First you should create .key file like below. This key file is private therefore don’t share with anyone.

$ openssl genrsa -des3 -out /<your ssl folder>/private.key 2048

Then you have to create .csr file to get certificate file using your key file. It will ask you some questions.

$ openssl req -new -key /<your ssl folder>/private.key -out /<your ssl folder>/ssl.csr

Then upload csr file to certificate authority web page. You will get certificate and chain bundle files.

Add SSL certificate definations to the site config file in apache web server.

<VirtualHost *:443>
  SSLEngine on
  SSLCertificateFile /<your ssl folder>/certificate.crt
  SSLCertificateKeyFile /<your ssl folder>/private.key
  SSLCACertificateFile /<your ssl folder>/chain_bundle.pem

If you get SSL sertificate from Comodo SSL. You have to create your chain bundle file like below.

$ cat AAACertificateServices.crt USERTrustRSAAAACA.crt SectigoRSADomainValidationSecureServerCA.crt > /<your ssl folder>/chain_bundle.pem

Leave a Reply

Your email address will not be published. Required fields are marked *