SEC 260 - samuel-richardson/Sam-Tech-Journal GitHub Wiki

Webserver and CA with HTTPS communication.

Set up web server on webserver VM

Install httpd with yum install -y httpd
Configure Firewall

Making CA and Certificates

Start on CA

Goto cd /etc/pki/CA
touch index.txt
echo 1000 > serial

Make CA private key

openssl genrsa -des3 -out private/cakey.pem 2048

Make CA certificate

openssl req -new -x509 -days 365 -key private/cakey.pem -out cacert.pem

On Webserver

Make private key and request for webserver

openssl req -newkey rsa:2048 -keyout websrv.key -out websrv.csr
Copy csr to CA

On CA

Sign the certificate

openssl ca -out websrv.crt -infiles websrv.csr
scp crt back to webserver

Setup certificate key on the webserver

copy Web Server certificate: /etc/pki/tls/certs
copy Web server private key: /etc/pki/tls/private
yum -y install mod_ssl
configure /etc/httpd/conf.d/ssl.conf
change SSLCertificateFile and SSLCertificateKeyFile
Update firewall