Https - Tripp Lite B092-016 Owner's Manual

http://www.openssl.org/docs/apps/openssl.html
http://www.openssl.org/docs/HOWTO/certificates.txt

15.8 HTTPS

The Management Console can be served using HTTPS by running the webserver via sslwrap.
The server can be launched on request using inetd.
The HTTP server provided is a slightly modified version of the fnord-httpd from
http://www.fefe.de/fnord/
The SSL implementation is provided by the sslwrap application compiled with OpenSSL support.
More detailed documentation can be found at
If your default network address is changed or the unit is to be accessed via a known Domain
Name, you can use the following steps to replace the default SSL Certificate and Private Key
with ones tailored for your new address.
1. Generating an Encryption Key
To create a 1024-bit RSA key with a password, issue the following command on the command
line of a Linux host with the openssl utility installed:
openssl genrsa -des3 -out ssl_key.pem 1024
2. Generating a Self-Signed Certificate with OpenSSL
This example shows how to use OpenSSL to create a self-signed certificate. OpenSSL is available
for most Linux distributions via the default package management mechanism. (Windows users
can check http://www.openssl.org/related/binaries.html
To create a 1024-bit RSA key and a self-signed certificate, send the following openssl command
from the host you have openssl installed on:
openssl req -x509 -nodes -days 1000 \
http://www.rickk.com/sslwrap/
-newkey rsa:1024 -keyout ssl_key.pem -out ssl_cert.pem
206
)