Differences

This shows you the differences between two versions of the page.

--- ssl [2009/12/16 23:26]
k2patel
+++ ssl [2020/08/10 02:35]
@@ Line 1: / Line 1: @@
-==== SSL Issue and Resolution ====
-**Generate 2048 Bit CSR for godaddy.**
-<code bash>
-openssl req -nodes -newkey rsa:2048 -keyout www.xyz.com.key -out www.xyz.com.csr
-</code>
-Above command will not ask you for password. Which is not advisable on apache startup as you need to be present to supply password.\\
-If you need to have than simply remove "-nodes" from your command and you have password.\\
-**To check if certificate and key is matching "Match the MODULUS" in out of following command**
-<code bash>
-openssl rsa -modulus -in <*.key>
-openssl x509 -modulus -in <*.crt>
-</code>
-**Read CSR using following command**
-<code bash>
-openssl req -text -in <*.csr>
-</code>
-**Find Expiring and Issue date for Certificate**
-<code bash>
-openssl x509 -noout -in <*.crt> -dates
-</code>
-**How to enable strong SSL in apache.**
-<code http | httpd.conf>
-SSLEngine On
-SSLCertificateFile /srv/www/conf/<*.crt>
-SSLCertificateKeyFile /srv/www/conf/<*.key>
-SSLCertificateChainFile /srv/www/conf/gd_intermediate_bundle.crt
-SSLCACertificateFile /srv/www/conf/*.ca-bundle
-SSLProtocol -all +SSLv3 +TLSv1
-SSLCipherSuite SSLv3:+HIGH:+MEDIUM:!SSLv2:!LOW:!EXP:!aNULL:@STRENGTH
---OR--
-SSLCipherSuite +HIGH:+MEDIUM:!SSLv2:RC4+RSA:!ADH:!LOW:!EXP:!aNULL:!cNULL:@STRENGTH
---OR--
-SSLCipherSuite SSLv3:+HIGH:+MEDIUM:!SSLv2:!ADH:!LOW:!EXP:!aNULL:!eNULL:@STRENGTH
-</code>

Daily *Nix