Blog

Posted 2008/02/19

Creating a CAcert for use with Apache2

Make your crs request.
cd /etc/apache2/
openssl genrsa -out www.ninja.me.uk.key 1024
openssl req -new -key www.ninja.me.uk.key -out www.ninja.me.uk.csr
cat www.ninja.me.uk.csr
Go to the CACert site and pase the outut from the .csr file. Paste the crt file CAcert generates into www.ninja.me.uk.crt.
vi www.ninja.me.uk.crt
Get the chained CAcert and set some file permissions.
wget 'http://wiki.cacert.org/wiki/SimpleApacheCert?action=AttachFile&do=get&target=CAcert_chain.pem'
chmod 640 *
chown root:root *
Edit the ssl server config.
vi /etc/apache2/sites-available/ssl.ninja.me.uk
Add the following lines.
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/www.ninja.me.uk.crt
SSLCertificateKeyFile /etc/apache2/ssl/www.ninja.me.uk.key
SSLCertificateChainFile /etc/apache2/ssl/CAcert_chain.pem