Scribd Logo
Upload

Welcome to Scribd!

  • 7 views

    Konfigurasi Singaparnasrv 1. Ca (Openssl)

    Uploaded by

    Puad Hasyim
    The document provides steps to configure a CA (Certificate Authority) using OpenSSL to generate and sign certificates for multiple domains. It generates a CA certificate and private key. Then it generates certificate signing requests and private keys for 4 domains. The CA is used to sign the requests. The certificates and private keys are copied to individual directories for each domain under /home/kelom/sertifikat. PKCS#12 files are created for 2 of the domains. Permissions on the certificate directory are set.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Konfigurasi Singaparnasrv 1. Ca (Openssl)

    Uploaded by

    Puad Hasyim
    7 views2 pages
    The document provides steps to configure a CA (Certificate Authority) using OpenSSL to generate and sign certificates for multiple domains. It generates a CA certificate and private key. Then it generates certificate signing requests and private keys for 4 domains. The CA is used to sign the requests. The certificates and private keys are copied to individual directories for each domain under /home/kelom/sertifikat. PKCS#12 files are created for 2 of the domains. Permissions on the certificate directory are set.

    Original Description:

    Original Title

    CA

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document provides steps to configure a CA (Certificate Authority) using OpenSSL to generate and sign certificates for multiple domains. It generates a CA certificate and private key. Then it generates certificate signing requests and private keys for 4 domains. The CA is used to sign the requests. The certificates and private keys are copied to individual directories for each domain under /home/kelom/sertifikat. PKCS#12 files are created for 2 of the domains. Permissions on the certificate directory are set.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    7 views2 pages

    Konfigurasi Singaparnasrv 1. Ca (Openssl)

    Uploaded by

    Puad Hasyim
    The document provides steps to configure a CA (Certificate Authority) using OpenSSL to generate and sign certificates for multiple domains. It generates a CA certificate and private key. Then it generates certificate signing requests and private keys for 4 domains. The CA is used to sign the requests. The certificates and private keys are copied to individual directories for each domain under /home/kelom/sertifikat. PKCS#12 files are created for 2 of the domains. Permissions on the certificate directory are set.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 2

    KONFIGURASI SINGAPARNASRV

    1. CA (OpenSSL)
    # apt-get install openssl –y
    # mkdir /cert
    # cp /etc/ssl/openssl.cnf /cert/
    # cd /cert/
    # mkdir certs
    # mkdir crl
    # mkdir newcerts
    # mkdir request
    # echo 0000 > serial
    # touch index.txt
    # nano openssl.cnf
    # openssl genrsa -out ca.key 4096
    # openssl req -new -x509 -days 365 -key ca.key -out ca.crt -config openssl.cnf

    # openssl genrsa -out request/internal.skills4future.net.key 4096


    # openssl genrsa -out request/www.skills4future.net.key 4096
    # openssl genrsa -out request/sodongclt.key 4096
    # openssl genrsa -out request/cipatujah.key 4096

    # openssl req -new -config openssl.cnf -key request/internal.skills4future.net.key -out


    request/internal.skills4future.net.csr
    # openssl req -new -config openssl.cnf -key request/www.skills4future.net.key - out
    request/www.skills4future.net.csr
    # openssl req -new -config openssl.cnf -key request/sodongclt.key -out request/sodongclt.csr
    # openssl req -new -config openssl.cnf -key request/cipatujahclt.key -out request/cipatujahclt.csr
    # openssl ca -config openssl.cnf -in request/internal.skills4future.net.csr
    # openssl ca -config openssl.cnf -in request/www.skills4future.net.csr
    # openssl ca -config openssl.cnf -in request/sodong.csr
    # openssl ca -config openssl.cnf -in request/cipatujah.csr
    # mv newcerts/00.pem newcerts/internal.skills4future.net.pem
    # mv newcerts/01.pem newcerts/www.skills39.edu.id.pem
    # mv newcerts/02.pem newcerts/sodongclt.pem
    # mv newcerts/03.pem newcerts/cipatujahclt.pem

    #mkdir /home/kelom/sertifikat/
    # mkdir /home/kelom/sertifikat/ internal.skills4future.net
    # mkdir /home/kelom/sertifikat/ www.skills39.edu.id
    # mkdir /home/kelom/sertifikat/ sodongclt
    # mkdir /home/kelom/sertifikat/ cipatujahclt

    # cp {ca.crt,ca.key} /home/kelom/sertifikat/
    # cp {newcerts/internal.skills4future.net.pem,request/internal.skills4future.net.key}
    /home/kelom/sertifikat/internal.skills4future.net/
    # cp {newcerts/www.skills4future.net.pem,request/www.skills4future.net.key}
    /home/kelom/sertifikat/www.skills4future.net/
    # cp {newcerts/www.skills4future.net.pem,request/sodongclt.key}
    /home/kelom/sertifikat/sodongclt/
    # cp {newcerts/internal.skills4future.net.pem,request/cipatujahclt.key}
    /home/kelom/sertifikat/cipatujahclt/

    # openssl pkcs12 –export –inkey /home/kelom/sertifikat/sodongclt/sodongclt.key –in


    /home/kelom/sertifikat/sodongclt/sodongclt.pem –out
    /home/kelom/sertifikat/sodongclt/sodongclt.p12
    # openssl pkcs12 –export –inkey /home/kelom/sertifikat/sodongclt/cipatujahclt.key –in
    /home/kelom/sertifikat/cipatujahclt/cipatujahclt.pem –out
    /home/kelom/sertifikat/cipatujahclt/cipatujahclt.p12

    # chmod 775 /home/kelom/sertifikat/ -R


    # chown kelom:kelom /home/kelom/sertifikat/ -R

    You might also like