====== Apache2 SSL with CAcert ======

Create CAcert certificate
  openssl genrsa -des3 -out /etc/ssl/certs/apache_server.key 1024
  openssl req -new -days 1825 -key /etc/ssl/certs/apache_server.key -out /etc/ssl/certs/apache_server.csr
  openssl rsa -in /etc/ssl/certs/apache_server.key -out /etc/ssl/certs/apache_private.key.decrypted

Get a certificate at CAcert for your apache_server.csr

  cat /etc/ssl/certs/apache_server.csr
  -----BEGIN CERTIFICATE REQUEST-----
  .
  .
  -----END CERTIFICATE REQUEST----- 

After a few seconds, you get your certificate
  -----BEGIN CERTIFICATE------
  .
  .
  -----END CERTIFICATE-----

Create a new file apache_server.crt erstellen and copy the certificate there
  vim /etc/ssl/certs/apache_server.crt

Apache-SSL
Now copy certificate and key to /etc/ssl-cacert/apache
  cp /etc/ssl/certs/apache_server.key /etc/ssl-cacert/apache/
  cp /etc/ssl/certs/apache_server.csr /etc/ssl-cacert/apache/
  cp /etc/ssl/certs/apache_server.crt /etc/ssl-cacert/apache/
  cp /etc/ssl/certs/apache_private.key.decrypted /etc/ssl-cacert/apache/

Control and change settings in /etc/apache2/site-available/000-default.conf
  SSLCertificateFile /etc/ssl-cacert/apache/apache_server.crt
  SSLCertificateKeyFile /etc/ssl-cacert/apache/apache_private.key.decrypted

Nun noch Apache-SSL neustarten:
/etc/init.d/apache-ssl restart

{{tag>}}

~~LINKBACK~~
~~DISCUSSION~~