openssl \
req \
-nodes \
-newkey rsa:2048 \
-keyout www.example.com.key \
-out www.example.com.csr \
-subj "/C=DE/ST=NRW/L=Berlin/O=My Inc/OU=DevOps/CN=www.example.com/emailAddress=dev@www.example.com"
a2enmod ssl
a2ensite default-ssl
service apache2 restart
cp /tmp/2_*.crt /etc/ssl/certs/
cp /tmp/1_root_bundle.crt /etc/ssl/certs/
cp /tmp/*.key /etc/ssl/private/
/etc/apache2/sites-enabled/default-ssl.conf
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile /etc/ssl/certs/2_www.example.com.crt
SSLCertificateKeyFile /etc/ssl/private/www.example.com.key
SSLCertificateChainFile /etc/ssl/certs/1_root_bundle.crt
#wget https://www.startssl.com/certs/sub.class1.server.ca.pem -O /etc/ssl/certs/sub.class1.server.ca.pemRequest wit CSR
openssl req -new -key /etc/ssl/private/example.com.key \ -out /root/example.com.csr \ -subj "/C=DE/ST=NRW/L=Berlin/O=Foo Bar GmbH/OU=IT/CN=www.example.com/emailAddress=it@example.com" # /etc/apache2/sites-enabled/default-ssl SSLCertificateFile /etc/ssl/certs/example.com.crt SSLCertificateKeyFile /etc/ssl/private/example.com.key SSLCertificateChainFile /etc/ssl/certs/sub.class1.server.ca.pem