Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 22685 invoked from network); 6 May 2009 13:48:36 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 6 May 2009 13:48:36 -0000 Received: (qmail 13682 invoked by uid 500); 6 May 2009 13:48:32 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 13662 invoked by uid 500); 6 May 2009 13:48:32 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 13653 invoked by uid 99); 6 May 2009 13:48:32 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 06 May 2009 13:48:32 +0000 X-ASF-Spam-Status: No, hits=1.2 required=10.0 tests=SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (athena.apache.org: local policy) Received: from [82.94.182.66] (HELO gort.onlyforfun.net) (82.94.182.66) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 06 May 2009 13:48:20 +0000 Received: from [192.168.10.140] (waakvlam.netco.nl [194.109.74.132]) (authenticated bits=0) by gort.onlyforfun.net (8.14.1/8.14.1) with ESMTP id n46DlvDB007826 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 6 May 2009 15:47:57 +0200 Message-ID: <4A01950F.3010901@walterisookeensufferukker.nl> Date: Wed, 06 May 2009 15:47:59 +0200 From: Davide Bianchi Reply-To: davide@walterisookeensufferukker.nl Organization: Walterisookeensufferukker.nl User-Agent: Thunderbird 2.0.0.19 (X11/20081209) MIME-Version: 1.0 To: users@httpd.apache.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.95 at gort X-Virus-Status: Clean X-Virus-Checked: Checked by ClamAV on apache.org Subject: Re: [users@httpd] renewing a certificate Melanie Pfefer wrote: > Hi , > > I created the .pem file using keytool > > keytool -export -alias tomcat -rfc > tomcat.pem > > and then moved this file to apache directory and ran c_rehash /usr/local/apache/conf/ssl > > this created a link file cc5d41ae.0 -> tomcat.pem > > what are the missing steps to create the server.key and server.crt on apache using openssl? from the openssl howto (http://www.openssl.org/docs/HOWTO/) openssl genrsa -des3 -out privkey.pem 2048 will make a private key (privkey.pem) encrypted with a passphrase, if you dont' want the passphrase leave the '-des3' bit out to make a certificate: openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095 this will make a self-signed certificate using the previously created key. Davide -- I used to be interested in Windows NT, but the more I see of it the more it looks like traditional Windows with a stabler kernel. I don't find anything technically interesting there. In my opinion MS is a lot better at making money than it is at making good operating systems. -- Linus Torvalds --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org