Renew a self-signed SSL certificate on CentOS

I received this e-mail from my webserver:

################# SSL Certificate Warning ################

  Certificate for hostname 'yourservername.com', in file (or by nickname):
     /etc/pki/tls/certs/localhost.crt

  The certificate needs to be renewed; this can be done
  using the 'genkey' program.

  Browsers will not be able to correctly connect to this
  web site using SSL until the certificate is renewed.

 ##########################################################
                                  Generated by certwatch(1)

So I had to renew this certificate on my CentOS Server. I found this blog-entry from Steve Jenkins.

All you have to do is to enter this command:

openssl req -new -days 365 -x509 -nodes -newkey rsa:2048 -out /etc/pki/tls/certs/localhost.crt -keyout /etc/pki/tls/private/localhost.key

And then restart the web server; in my case it’s Apache:

apachectl restart

After this, you can check with your web browser whether the new certificate is active. Check the new expiry date. In Mozilla Firefox it’s “Extra” -> “Site information” -> “Security” -> “Show certificate”.
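The same check can be done from the command line. The following is an added example, not part of the original post: the helper function names and the 300-day default are assumptions. It confirms that the renewed certificate is valid for long enough, that the key belongs to it, and that the unencrypted key written by `-nodes` is not readable by other users.

```shell
#!/bin/sh
# Added example, not from the original post. Default paths are the ones used above.
CRT=${CRT:-/etc/pki/tls/certs/localhost.crt}
KEY=${KEY:-/etc/pki/tls/private/localhost.key}

# Succeeds if the certificate stays valid for at least $2 more days.
cert_valid_for_days() {
    openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null
}

# Succeeds if the private key belongs to the certificate (public keys are identical).
key_matches_cert() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout) || return 1
    [ "$cert_pub" = "$key_pub" ]
}

# Succeeds if the key file has no group/other permission bits.
# -nodes writes the key unencrypted, so the file mode is its only protection.
key_is_private() {
    mode=$(ls -ld "$1" | cut -c5-10) || return 1
    [ "$mode" = "------" ]
}

# Runs all checks; prints one line per problem, returns non-zero on any failure.
# $3 is the minimum remaining validity in days (assumed default: 300).
check_renewed_cert() {
    rc=0
    cert_valid_for_days "$1" "${3:-300}" || { echo "FAIL: $1 expires too soon"; rc=1; }
    key_matches_cert "$1" "$2" || { echo "FAIL: $2 does not match $1"; rc=1; }
    key_is_private "$2" || { echo "FAIL: $2 is readable by group/other"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK: $(openssl x509 -in "$1" -noout -enddate)"
    return "$rc"
}

# Usage after the renewal (run as root):
#   check_renewed_cert "$CRT" "$KEY" && apachectl restart
```

If the last check fails, `chmod 600` on the key file fixes it.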

I know I have to do that again in one year, so I wrote it down here 🙂
