Ignore:
Timestamp:
Mar 12, 2015, 4:11:43 PM (9 years ago)
Author:
mitchb
Message:
Let's not create self-signed CAs

You know, while we're fixing that command in the fear that someone will
end up using this file as guidelines for something other than our test
server.
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/server/doc/install-howto.sh

    r2683 r2685  
    320320#   - You need a self-signed SSL cert or Apache will refuse to start
    321321#     or do SSL.  Generate with: (XXX recommended CN?)
    322     openssl req -new -x509 -sha256 -newkey rsa:2048 -keyout /etc/pki/tls/private/scripts.key -out /etc/pki/tls/certs/scripts-cert.pem -nodes
     322    openssl req -new -x509 -sha256 -newkey rsa:2048 -keyout /etc/pki/tls/private/scripts.key -out /etc/pki/tls/certs/scripts-cert.pem -nodes -extensions v3_req
    323323    ln -s /etc/pki/tls/private/scripts.key /etc/pki/tls/private/scripts-2048.key
    324324#     Also make the various public keys match up
Note: See TracChangeset for help on using the changeset viewer.