<pre><nowiki>openssl req -new -passin pass:asecretpassword -passout pass:asecretpassword -key /etc/httpd/ssl.crt/server.key.org -out /etc/httpd/ssl.crt/server.csr -days 3650
openssl req -x509 -passin pass:asecretpassword -passout pass:asecretpassword -key /etc/httpd/ssl.crt/server.key.org -in /etc/httpd/ssl.crt/server.csr -out /etc/httpd/ssl.crt/server.crt -days 3650</nowiki></pre>
The output of these files will look something like:
{{META_BOX_Green||You are about to be asked to enter information that will be incorporated<br>
into your certificate request.<br>
What you are about to enter is what is called a Distinguished Name or a DN.<br>
There are quite a few fields but you can leave some blank<br>
For some fields there will be a default value,<br>
If you enter '.', the field will be left blank.<br>
-----<br>
Country Name (2 letter code) [XX]:<br>
State or Province Name (full name) []:<br>
Locality Name (eg, city) [Default City]:<br>
Organization Name (eg, company) [Default Company Ltd]:<br>
Organizational Unit Name (eg, section) []:<br>
Common Name (eg, your name or your server's hostname) []:<br>
Email Address []:<br>
<br>
Please enter the following 'extra' attributes<br>
to be sent with your certificate request<br>
A challenge password []:<br>
An optional company name []:}}
4. Create a thrid file, server.key, from from our self-generated key (server.key.org):
<pre><nowiki>openssl rsa -passin pass:asecretpassword -in /etc/httpd/ssl.crt/server.key.org -out /etc/httpd/ssl.crt/server.key</nowiki></pre>