Create Certificate============
#mkdir sslwork#cd sslwork
First we need to generate your own key by using openssl utility.
#openssl genrsa -des3 -out server.key 1024
you will be prompted to enter password or pass phrase of this key remember it because, it need in future.Now you have to create a Certificate Signing Request (CSR) from the key that just generated.
# openssl req -new -key server.key -out server.csr
For this step you have to give your name and Fully Qualified Domain Name (FQDN). Make sure you enter your FQDN for the "Common Name" for example if certificate is for https://www.thaibloger.com/ then you CommonName Should be www.thaibloger.com
now your certificate is ready to be signed. The following steps are to self-sign the certificate, but if you want other CA sign, you have to pay money. Some CA such as Verisign or Thawte.
# openssl x509 -req -days 3650 -in /root/server.csr -signkey server.key -out server.crt
Ok, your certificate is signed adn valid for 3650 days. You need to copy the files to appropriate directory for Apache.
# cp server.key /usr/local/etc/apache/ssl.key/
# cp server.crt /usr/local/etc/apache/ssl.crt/
after all step you have to config apache to use ssl. In apache 2 it's config file in extra/httpd-ssl.conf, by uncomment line.
# Secure (SSL/TLS) connectionsInclude
etc/apache22/extra/httpd-ssl.conf
Then go to edit the file point key file and cert file with correct path
SSLCertificateFile /usr/local/etc/apache22/ssl.cert/server.crt
SSLCertificateKeyFile /usr/local/etc/apache22/ssl.key/server.key
When restart the server with ssl apache will prompt you and ask for password of you private key because RSA private key is kept in encrypted format. You can eliminate password prompt but it not secure, by commands of openssl.
# cd /usr/local/etc/apache/ssl.key
# cp server.key server.key.orig
# openssl rsa -in server.key.orig -out server.key
then restart apache cheer!!
webmin >> installed
@comment Insert PLIST.lib-webmin here
===================================
To reconfigure webmin you shouldrun the following command as root:
${LOCALBASE}/lib/webmin/setup.sh
You won't have to perform this stepafter every webmin upgrade.
Since 1.150_2, to run webmin fromstartup, add webmin_enable="YES"in your /etc/rc.conf.
===================================
just have install webmin
after install have to run setup.sh once.
then add webmin_enable="YES" into /etc/rc.conf << if you don't do this you will can not start webmin
to start webmin use
Usage: /usr/local/etc/rc.d/webmin [fast|force|one](start|stop|restart|rcvar|status|poll)
===================================
To reconfigure webmin you shouldrun the following command as root:
${LOCALBASE}/lib/webmin/setup.sh
You won't have to perform this stepafter every webmin upgrade.
Since 1.150_2, to run webmin fromstartup, add webmin_enable="YES"in your /etc/rc.conf.
===================================
just have install webmin
after install have to run setup.sh once.
then add webmin_enable="YES" into /etc/rc.conf << if you don't do this you will can not start webmin
to start webmin use
Usage: /usr/local/etc/rc.d/webmin [fast|force|one](start|stop|restart|rcvar|status|poll)
Subscribe to:
Comments (Atom)