Create SSL Certificates In OpenSUSE 12.3

Create SSL Certificates In OpenSUSE 12.3

This article will help you to secure your Apache server by creating SSL certificates. Some people may need this to Secure their apache  server. Please follow the bellow steps.

Create a random data file

# cat /dev/random > randomfile

Create key pair

# openssl genrsa -des3 -out server.key -rand randomfile

Sign the created Public Key and create a digital certificate

# openssl req -new -x509 -key server.key -out server.crt

Answer the questions and then copy the Public Key and digital certificate to the bellow mentioned folders.

# cp server.key /etc/apache2/ssl.key/
# cp server.crt  /etc/apache2/ssl.crt/

Configure Apache to use OpenSSL (Optional)

Edit the /etc/sysconfig/apache2 file.


copy /etc/apache2/vhost.d/vhost-ssl.template to /etc/apache2/vhost.d/vhost-ssl.conf.

# cp /etc/apache2/vhost.d/vhost-ssl.template /etc/apache2/vhost.d/vhost-ssl.conf

Configure the main site to use HTTPS

Edit the /etc/apache2/default-server.conf file and add Include /etc/apache2/vhost.d/*.conf line in that file.

Include /etc/apache2/conf.d/*.conf
Include /etc/apache2/vhosts.d/*.conf

Edit /etc/apache2/vhost.d/vhost-ssl.conf file as shown below:

<IfDefine SSL>
<IfDefine !NOSSL>
<VirtualHost *:443>
DocumentRoot "/srv/www/htdocs"
ServerName localhost:443
ErrorLog /var/log/apache2/error_log
TransferLog /var/log/apache2/access_log
SSLEngine on
SSLProtocol all -SSLv2
SSLCertificateFile /etc/apache2/ssl.crt/server.crt
SSLCertificateKeyFile /etc/apache2/ssl.key/server.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
<Directory "/srv/www/cgi-bin">
SSLOptions +StdEnvVars
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog /var/log/apache2/ssl_request_log ssl_combined

Restart apache

# /etc/init.d/apache2 restart 
redirecting to systemctl restart apache2 
Enter SSL pass phrase for localhost:443 (RSA): ******

Check if the Port Listening

# netstat -an | grep 443
tcp 0 0 :::443 :::* LISTEN
linux-j9hf:/etc/apache2/vhosts.d #

Navigate to https://IP-Address/ from your browser.

ssl1Click on I understand the risks link. Now you will get the output as shown below.

ssl3That’s it.