Generating A Key - Red Hat ENTERPRISE LINUX 5 - DEPLOYMENT Deployment Manual

Chapter 22. Apache HTTP Server

22.8.5. Generating a Key

You must be root to generate a key.
First, use the cd command to change to the /etc/httpd/conf/ directory. Remove the fake key and
certificate that were generated during the installation with the following commands:
rm ssl.key/server.key rm ssl.crt/server.crt
The crypto-utils package contains the genkey utility which you can use to generate keys as
the name implies. To create your own private key, please ensure the crypto-utils package is
installed. You can view more options by typing man genkey in your terminal. Assuming you wish to
generate keys for www.example.com using the genkey utility, type in the following command in your
terminal:
genkey www.example.com
Please note that the make based process is no longer shipped with RHEL 5. This will start the genkey
graphical user interface. The figure below illustrates the first screen. To navigate, use the keyboard
arrow and tab keys. This windows indicates where your key will be stored and prompts you to proceed
or cancel the operation. To proceed to the next step, select Next and press the Return (Enter) key.
Figure 22.11. Keypair generation
The next screen prompts you to choose the size of your key. As indicated, the smaller the size of your
key, the faster will the response from your server be and the lesser your level of security. On selecting
352