License

Copyright (C) 2008-2017 Oliver Bohlen.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.

A copy of the license is included in the section entitled "GNU Free Documentation License".

Introduction

This documentation comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law.

Howto: SSL/TLS with self signed SSL Certificate for Gentoo Linux

If you want to use valid SSL/TLS you can sign your certificate by your self. Here some steps you have to do on your Server here als wildcard for gabosh.net.
First create a directory for Your keys:

mkdir -p /etc/ssl/gabosh.net

and change into it
cd /etc/ssl/gabosh.net

generate the privatekey
openssl genrsa -out gabosh.net.key 4096

and change to appropriate rights
chmod 600 gabosh.net.key

Generate the Certificate
openssl req -new -x509 -nodes -sha256 -days 3650 -key gabosh.net.key > gabosh.net.crt
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) :
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) :
--> !!!!! Next line is vital (for all gabosh.net subdomains)!!!!!!!!!
Common Name (eg, YOUR name) :*.gabosh.net
Email Address :
Please enter the following extra attributes
to be sent with your certificate request
A challenge password :
An optional company name :

Then change the apache, postfix... config files
Lines in a apache-virtual-host-config-file could reveal like this:
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/gabosh.net/gabosh.net.crt
SSLCertificateKeyFile /etc/apache2/ssl/gabosh.net/gabosh.net.key

Restart the appropriate services for example:
/etc/init.d/apache2 restart

And thats it...

If you want to use this solution you need the following howto(s) finished:

Changes in /etc/ssl/gabosh.net/readme

File permissions:
Owner: root
Group: root
Permissions: -rw-r--r--

Click here for a download of the complete file: /etc/ssl/gabosh.net/readme

Changed on 13.03.09
Issued by olli
Beginning line 1

This is the directory for the SSL Certificates

To install and trust the Certificate run:

cd /etc/ssl/certs
ln -s ../example.com/example.com.crt `openssl x509 -hash -noout -in /etc/ssl/example.com/example.com.crt`.0

Changes in /etc/ssl/gabosh.net.self/readme

File permissions:
Owner: root
Group: root
Permissions: -rw-r--r--

Click here for a download of the complete file: /etc/ssl/gabosh.net.self/readme

Changed on 13.03.09
Issued by olli
Beginning line 1

This is the directory for the SSL Certificates

To install and trust the Certificate run:

cd /etc/ssl/certs
ln -s ../example.com/example.com.crt `openssl x509 -hash -noout -in /etc/ssl/example.com/example.com.crt`.0

Changes in /gtc/test/etc/ssl/gabosh.net/readme

File permissions:
Owner: root
Group: root
Permissions: -rw-r--r--

Click here for a download of the complete file: /gtc/test/etc/ssl/gabosh.net/readme

Changed on 13.03.09
Issued by olli
Beginning line 1

This is the directory for the SSL Certificates

To install and trust the Certificate run:

cd /etc/ssl/certs
ln -s ../example.com/example.com.crt `openssl x509 -hash -noout -in ../example.com/example.com.crt`.0

Please send a feedback to: doc<at>gabosh.net

Howto listing
File Index

Here you can find the official Gentoo Linux Forums where you can find a lot of answers.

Here a link to the official Gentoo Linux Homepage.

Edit Howto

About / Impressum

Click here for About / Impressum

Wishlist

If you want to support my work you can find my Amazon whishlist here