renew SSL key used in apache-ssl
I'm running a server with apache-ssl 1.3. The server has a self-signed
certificate that recently expired. I'd like to renew it as a
self-signed certficate, and in reading through the docs here and there,
have come up with the following:
1. Instead of renewing, create a new self-signed certificate with the
command:
openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095
This would give me a 3-year cert.
2. I presume two files will be created for me: privkey.pem and
cacert.pem. I would then concatenate cacert.pem to privkey.pem to
produce a final combined file called apache.pem.
3. I would then move the apache.pem file to /etc/apache-ssl/.
4. Restart apache-ssl.
Is this the right way to go about it?
Thanks
Kevin
--
Kevin Coyner
mailto: kevin@rustybear.com
GnuPG key: 1024D/8CE11941
Reply to: