Generate a new SSL/TLS (signed) certificate with OpenSSL command
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/pki/tls/private/example.com.key -out /etc/pki/tls/certs/example.com.crtThe openssl command will create:
- Private Key: The private key, example.com.key will be saved to the /etc/pki/tls/private/ directory (You should not share the private key with anyone).
- Certificate: The example.com.crt will be saved to the /etc/pki/tls/certs/ directory (This is the signed certificate).
Appache
<VirtualHost *:443>
ServerName www.example.com
ServerAlias example.com
DocumentRoot /var/www/example.com
ErrorLog "logs/example.com-error_log"
CustomLog "logs/example.com-access_log" combined
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/example.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/example.com.key
</VirtualHost>