'''NOTE:''' Leaving defaults will not make your server less secure. Make sure that you change "asecretpassword" in the commands below to something else. Otherwise any commands which don't have "asecretpassword" in it can be copied and pasted. This has to do with the challenge password for the private key. If you don't understand what I mean then you should read about [http://en.wikipedia.org/wiki/Public-key_cryptography public-key cryptography] which is essentially what SSL uses.

<pre><nowiki>mkdir /etc/httpd/ssl.crt

openssl genrsa -des3 -passout pass:asecretpassword -out /etc/httpd/ssl.crt/server.key.org 1024

openssl req -new -passin pass:asecretpassword -passout pass:asecretpassword -key /etc/httpd/ssl.crt/server.key.org -out /etc/httpd/ssl.crt/server.csr -days 3650

openssl req -x509 -passin pass:asecretpassword -passout pass:asecretpassword -key /etc/httpd/ssl.crt/server.key.org -in /etc/httpd/ssl.crt/server.csr -out /etc/httpd/ssl.crt/server.crt -days 3650

openssl rsa -passin pass:asecretpassword -in /etc/httpd/ssl.crt/server.key.org -out /etc/httpd/ssl.crt/server.key

mkdir /etc/httpd/ssl.key

mv /etc/httpd/ssl.crt/server.key /etc/httpd/ssl.key/server.key

chmod 400 /etc/httpd/ssl.key/server.key</nowiki></pre>