DokuWiki

User Tools

Site Tools

Trace: ssl vim packages
ssl

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
ssl [2011/03/02 04:25] k2patelssl [2020/08/10 02:35] (current) – external edit 127.0.0.1
Line 1: Line 1:
 +====== SSL / Openssl great way to secure it ======
 +
 ==== SSL Issue and Resolution ==== ==== SSL Issue and Resolution ====
  
 **Generate 2048 Bit CSR for godaddy.** **Generate 2048 Bit CSR for godaddy.**
 <code bash> <code bash>
-openssl req -nodes -newkey rsa:2048 -keyout www.xyz.com.key -out www.xyz.com.csr+openssl req -nodes -newkey rsa:4096 -sha512 -keyout www.xyz.com.key -out www.xyz.com.csr
 </code> </code>
  
Line 43: Line 45:
 </code> </code>
  
-Print all available high ciphers.+**Print all available high ciphers.**
  
 <code bash> <code bash>
Line 112: Line 114:
 -----END CERTIFICATE----- -----END CERTIFICATE-----
 </code> </code>
 +
 +== Thawte ==
  
 [[https://search.thawte.com/library/VERISIGN/ALL_OTHER/thawte%20ca/SSL123_CA_Bundle.pem | SSL123 CA Bundle (1024)]]\\ [[https://search.thawte.com/library/VERISIGN/ALL_OTHER/thawte%20ca/SSL123_CA_Bundle.pem | SSL123 CA Bundle (1024)]]\\
Line 117: Line 121:
 [[https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=SO1498 | Instruction for other Certificates ]] [[https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=SO1498 | Instruction for other Certificates ]]
  
 +== GoDaddy ==
 +[[ https://certs.godaddy.com/anonymous/repository.seam | Server Certificates ]]
 +
 +== Verisign ==
 +[[ https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&actp=CROSSLINK&id=AR1409&TID=retailssl | CA Bundle ]]
 ==== Self Signed SSL ==== ==== Self Signed SSL ====
  
 == Generating Private Key == == Generating Private Key ==
 <code bash> <code bash>
-openssl genrsa -des3 -out www.k2patel.com.key 2048+openssl genrsa -des3 -out www.k2patel.com.key 4096
 </code> </code>
  
Line 141: Line 150:
  
 <code bash> <code bash>
-openssl x509 -req -days 365 -in www.k2patel.com.csr -signkey www.k2patel.com.csr -out www.k2patel.com.crt+openssl x509 -req -days 365 -in www.k2patel.com.csr -signkey www.k2patel.com.key -out www.k2patel.com.crt
 </code> </code>
  
  
 +==== Wilcard Certificate ====
  
 +Wildcard Certificate is nothing diff. in mechanism except how much you pay.\\
 +Please read following information before you dive in.
  
- +  * While creating wildcard certificate you need to use "*" as Common Name: 
 +     * e.g. *.k2patel.in 
 +  * You can place wildcard certificate on any number of server simply you always need KEY / CRT combination moved / copied. 
 +    * so you can have multiple server with multiple sub-domain without issue. 
 +  * You do not need any special way to install / use it simply use as described above.
ssl.1299039930.txt.gz · Last modified: 2020/08/10 02:29 (external edit)