host=`hostname --long` echo $host mkdir private/ chmod 700 private/ openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout private/$host.key -out $host.crt chmod 400 private/$host.key unset host
-nodes avoids the passphrase prompt.
Once you sent your CSR to your SSL provider, it will respond you with those,
You will also need their root CA and intermediate certificates – if those aren’t delivered, you might find it on their website. Eventually concatenate those two,
cd /etc/httpd/ssl/ cat intermediatecert rootcert > issuer-concat-cert.crt chmod 400 issuer-concat-cert.crt