Chapter 4. Creating a SSL certificate

The final step in enabling the admin site is creating a SSL certificate for the site.

First step of creating a certificate is making a certificate request:


mkdir /home/www/admin/ssl
cd /home/www/admin/ssl
openssl req -x509 -newkey rsa:1024 -keyout admin.pem \
	-out admin.crt -days 365

You will be asked some questions, and it is important at this point to note that the "Common Name" should be the same as the site name. In my case this is admin.hoejte.dk.

The next step is signing the request, thereby creating a key.


openssl rsa -in admin.pem -out admin.key

Your SSL site should now be ready to go...

A note: What You have here is a self signed certificate, which means that browsers don't implicitly trust the certificate. If You want something more, then You need to look into buying a certificate from a CA (Certificate Authority). These are usually affiliated with Verisign somehow or other.