Wednesday, July 14, 2010

Creating a self-signed certificate for a web server

Create a Certificate Server in Red Hat Linux

Step I

---------

>> vim /etc/pki/tls/openssl.cnf

>> Make the following changes in the [ CA_default ] section of openssl.cnf

dir=/etc/pki/CA

certificate=$dir/ca.crt

private_key=$dir/private/ca.key

Step II

---------

>> Then create the following directories and files in the CA directory

>> cd /etc/pki/CA

>> mkdir certs newcerts crl

>> touch index.txt

>> echo "01" > serial

Step III

---------

>> cd /etc/pki/tls/certs

>> make ca.crt

>> Country Name = US

>> State or Province Name = North Carolina

>> Locality Name = Raleigh

>> Organization Name = Example, Inc.

>> cp -a ca.crt /etc/pki/CA

>> cp -a ca.key /etc/pki/CA/private/

Create a private key for webserver

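Step I

>> yum install mod_ssl httpd

>> cd /etc/httpd/conf

>> openssl genrsa 2048 > http.key (1024-bit RSA is no longer accepted by current browsers or by RHEL's default crypto policy)

>> openssl req -new -key http.key -out http.csr

>> cp -a http.csr /etc/pki/CA (upload to the CA server's directory)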

Step II

--------

>>Now in CA server

>> cd /etc/pki/CA

>> openssl ca -in http.csr -out http.crt

>> cp -a ca.crt /etc/httpd/conf

>> cp -a http.crt /etc/httpd/conf

>> vim /etc/httpd/conf.d/ssl.conf

>> Change the following paths in ssl.conf

SSLCertificateFile / SSLCertificateKeyFile / SSLCACertificateFile
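
The whole procedure above can be rehearsed in a scratch directory before touching /etc/pki, and the result checked before httpd is pointed at it. This is an added example, not part of the original post; the function names, the ca.cnf file, the policy_any section and the subject names are assumptions made for the demo, and the CA key is left unencrypted only because it is throwaway.

```shell
# Added example: rebuild the CA layout from the steps above under directory $1
# (constructed names: ca.cnf, policy_any, "Example Test CA", www.example.test).
demo_ca() {
    d="$1"
    mkdir -p "$d/certs" "$d/newcerts" "$d/crl" "$d/private" || return 1
    chmod 700 "$d/private"            # the CA key must not be world-readable
    : > "$d/index.txt"
    echo 01 > "$d/serial"
    # Minimal stand-in for the [ CA_default ] edits made in openssl.cnf
    cat > "$d/ca.cnf" <<EOF
[ ca ]
default_ca = CA_default
[ CA_default ]
dir = $d
certificate = \$dir/ca.crt
private_key = \$dir/private/ca.key
new_certs_dir = \$dir/newcerts
database = \$dir/index.txt
serial = \$dir/serial
default_md = sha256
default_days = 365
policy = policy_any
[ policy_any ]
commonName = supplied
[ req ]
distinguished_name = dn
[ dn ]
commonName = Common Name
[ v3_ca ]
basicConstraints = critical,CA:TRUE
EOF
    # Self-signed CA certificate, the job "make ca.crt" does in the post
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 3650 -config "$d/ca.cnf" \
        -extensions v3_ca -subj "/C=US/ST=North Carolina/L=Raleigh/O=Example, Inc./CN=Example Test CA" \
        -keyout "$d/private/ca.key" -out "$d/ca.crt" 2>/dev/null || return 1
    # Web server key and CSR, then the CA signs the request
    openssl genrsa -out "$d/http.key" 2048 2>/dev/null || return 1
    openssl req -new -config "$d/ca.cnf" -key "$d/http.key" \
        -subj "/CN=www.example.test" -out "$d/http.csr" || return 1
    openssl ca -batch -config "$d/ca.cnf" -in "$d/http.csr" -out "$d/http.crt" 2>/dev/null
}

check_leaf() {
    d="$1"
    # 1. http.crt must chain to ca.crt
    openssl verify -CAfile "$d/ca.crt" "$d/http.crt" >/dev/null 2>&1 || return 1
    # 2. http.key must be the private half of the key certified in http.crt
    k=$(openssl pkey -in "$d/http.key" -pubout | openssl sha256)
    c=$(openssl x509 -in "$d/http.crt" -noout -pubkey | openssl sha256)
    [ "$k" = "$c" ]
}
```

Run it as demo_ca "$(mktemp -d)" followed by check_leaf on the same directory; a mismatched key and certificate pair is the usual reason httpd refuses to start after ssl.conf is edited.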