2010-01-16

How to regenerate the Apache SSL key and certificate on Debian Lenny

This blog post explains how to regerated the Apache 2 SSL server key and certification on Debian Lenny.

The default, self-signed certificate used by Apache 2 is called snakeoil, it's generated based on the hostname (as reported by hostname -f) to files /etc/ssl/certs/ssl-cert-snakeoil.pem and /etc/ssl/private/ssl-cert-snakeoil.key when the ssl-cert package is installed. Here is how to regenerate the key and the certificate in case the hostname is changed:

# hostname -f
# make-ssl-cert generate-default-snakeoil --force-overwrite
# ls -l /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/private/ssl-cert-snakeoil.key
... (check the last-modified-time)
# /etc/init.d/apache2 restart

1 comment:

mack said...

This has saved me a lot of time, as i've been trying to do this on Apache 2 for a while now. Just got to install the new apache ssl cert now for the web app and i'm away!

Thanks (i've bookmarked this page!)