Linux: Create SSL certificate (self-signed)
Posted: Fri Feb 05, 2016 12:32 am
Here's a short BASH script that creates SSL certificates and puts them in apache's folders - ready for use:
Then call it, giving the certificate a useful name. "the_shadow" for example. That's the name of the webserver:
Then reload Apache:
(This example is for Debian/Ubuntu based distros)
Code: Select all
#!/bin/bash
# @author: ^Rooker
# @date: 08.DEC.2013
# @description:
# This script is just to help my (forgettable) memory when (re-)creating
# an SSL certificate and key for use with Apache webserver for secure (https) connections.
#
# Most information where taken from the following HowTo article:
# https://www.digitalocean.com/community/articles/how-to-create-a-ssl-certificate-on-apache-for-ubuntu-12-04
#
# IMPORTANT:
# This script must be run with root-priviledges. What a surprise! ;)
DAYS_VALID=666 # How many days until the generated certificate expires.
NAME="$1"
SSL_DIR="/etc/apache2/ssl"
SSL_CRT_FILE="$SSL_DIR/ssl-cert-$NAME.crt"
SSL_KEY_FILE="$SSL_DIR/ssl-cert-$NAME.key"
if [ -z "$NAME" ]; then
echo "ERROR: Please provide a name for the certificate. e.g. 'the_shadow'"
exit 1
fi
# These things only have to be done once, to enable SSL support on Apache:
# - Enable Apache's SSL module:
a2enmod ssl
# - Enable Apache's SSL vhost site:
# NOTE Enable sites manually. "default-ssl" is just the regular off-the-shelf example.
#a2ensite default-ssl
# Create folder for Apache SSL certificates:
mkdir -p "$CERT_DIR"
# Generate a self-signed certificate:
sudo openssl req -x509 -nodes -days $DAYS_VALID -newkey rsa:2048 -keyout $SSL_KEY_FILE -out $SSL_CRT_FILE
Code: Select all
$ ./create_ssl.sh "the_shadow"
(This example is for Debian/Ubuntu based distros)
Done!$ sudo service apache2 reload