OpenSSL Fedora 13

How to install OpenSSL on Fedora 13

  1. Install OpenSSL
    yum install openssl

How to configure OpenSSL on Fedora 13

  1. Change your working directory to /etc/pki/CA
    cd /etc/pki/CA
  2. Create a file that holds the database of certificates
    touch index.txt
  3. Create a file that holds the next certificate serial number
    echo '01' > serial
  4. Create a file that holds the next Certificate Revocation List serial number
    echo '01' > crlnumber
  5. Make a copy the systems default openssl configuration file for our use
    cp /etc/pki/tls/openssl.cnf openssl.cnf
  6. Open the /etc/pki/CA/openssl.cnf file for editing
    1. Change line 42
      from: dir = ../../CA # Where everything is kept
      to: dir = . # Where everything is kept
    2. Change line 50
      from: certificate = $dir/cacert.pem # The CA certificate
      to: certificate = $dir/certs/ca.crt # The CA certificate
    3. Change line 55
      from: private_key = $dir/private/cakey.pem # The private key
      to: private_key = $dir/private/ca.key # The private key
    4. Save and Close the file
  7. Make the /etc/pki/CA/openssl.cnf file not world readable
    chmod 600 openssl.cnf

Open Source Software: