Red Hat NETWORK PROXY SERVER 3.7 - Bedienungsanleitung PDF herunterladen (Seite 60)

50 Securing Your Server

to createthe certiﬁcate request. You need the certiﬁcaterequest in order to

apply for a certiﬁcate from a CA. Finally, you need the certiﬁcate to run a

secure web server.

3.4.1 Generating a Key

First, you’ll use SSLeay and the system ﬁle /dev/urandom to generate

a random key. cd to the /etc/httpd/conf directory. Type in the fol-

lowing command, which will generate a 1024 bit key encrypted with the

triple-DES cipher:

make genkey

If, for some reason you do not have make installed on your system, you

mayusethefollowing lessuser-friendlycommandinsteadofmake genkey:

/usr/sbin/ssleay genrsa -des3 -rand /dev/urandom 1024 > httpsd.key

Your system will display a message similar to the following:

1049776 semi-random bytes loaded

Generating RSA private key, 1024 bit long modulus

..........................................+++++

..............+++++

e is 65537 (0x10001)

Enter PEM pass phrase:

You now need to type in a password. For best security, your password

should be at least eight characters, should include numbers or punctua-

tion, and should not be a word in a dictionary. Also, remember that your

passwordis casesensitive. You will needto remember and enterthis pass-

word every time you start your secure web server, so don’t forget it.

You will be asked to re-type the password, just to make sure that you

didn’t make any typos entering it. Once you’ve typed it in correctly, a

ﬁle called httpsd.key,containing your key, will be created.

1 2 ... 55 56 57 58 59 60 61 62 63 64 65 ... 100 101

Keine Kommentare

Red Hat NETWORK PROXY SERVER 3.7 - Bedienungsanleitung Seite 60