the above command creates a CSR named shan.csr and a private key shan.pem
3. Now it's time to create a non-password protected key for Apache 2.0.X by executing the
following:
If you do not remove the password from the key then every time you start apache
you need to key in the password. This is okay with demo but not at all recommended
for practical usages.
4. Finally, run the following command to create an X.509 certificate, e.g. the kind of
certificate that SSL likes to munch:
openssl x509 -in shan.csr -out shan.cert -req -signkey shan.key -days 365
Congratulations, you've created a self-signed certificate! Keep the KEY and CERT files
some place safe, we'll be using them soon.
Open up conf\httpd.conf in a text editor and look for the line LoadModule ssl_module
modules/mod_ssl.so and remove any pound sign (#) characters preceding it. If you don't
see that line where it probably should be (among the other LoadModule lines), then your
installation may not have mod_ssl.so ... can't help you there!
Also, while you're in conf\httpd.conf, make sure
the following lines exist somewhere (they
should if you got Apache2 from hunter):
<IfModule mod_ssl.c>
Include conf/ssl.conf
</IfModule>
Create a directory under conf called ssl and copy the blarg.key and blarg.cert files there; the
ones you created in step 2.
Finally it's time to use your self-signed certificate! The lines you'll want to change
are SSLCertificateFile and SSLCertificateKeyFile which should point to your CERT
and KEY files respectively.