
Change certificates used by apache

Posted: 06 Nov 2007, 05:13
by tor
If you want to change the certificates used by apache, the ones pointed to with SSLCertificateFile and SSLCertificateKeyFile in the config files, you can do as follows.

Code:

openssl req -new -x509 -nodes -out my_cert.pem -keyout my_privkey.pem

And answer the questions, for example:

If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:SE
State or Province Name (full name) [Some-State]:My State
Locality Name (eg, city) []:.
Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Company
Organizational Unit Name (eg, section) []:Web
Common Name (eg, YOUR name) []:app1.my.dyndns.com
Email Address []:info@app1.my.dyndns.com

This will generate the two files:

my_cert.pem - the certificate
my_privkey.pem - the private key used

Update your apache config entries SSLCertificateFile and SSLCertificateKeyFile to point to these new files or replace the old files. Then reload apache.

Code:

/etc/init.d/apache2 reload

An important note here: you can only have one certificate usable at a given time (per IP number and port at least). So this must be the same as used in the main config, /etc/apache2/sites-available/bubba; if not, Bubba's original certificate will be used.

Certificates

Posted: 17 May 2008, 10:27
by Rene
Hello All

I created the two pem files.. did an edit of the bubba file in the SSL subfolder.. restarted apache.. but.. instead of 3 OKs in the certificate reported by IE I got three problems reported...

What did I do wrong....

Posted: 17 May 2008, 12:56
by bjorn
To get "3 ok" from IE your certificate must be:

1: Within its validity dates.
2: Issued to the hostname by which it is accessed.
3: Signed by a Certificate Authority you have chosen to trust.

However, the communication will be encrypted even if you get the "errors".

For example, a certificate could be valid from 20080101 to 20090101, issued to bubba.mydomain.se and signed by myself. And after this I can import the public key of my Certificate Authority certificate into my browser to pass all checks.

Good luck
/Bjorn

Posted: 20 May 2008, 04:16
by JanLarsen
A little tip: if you want your certificate to be valid longer than 30 days, use the -days <number of days> option.

For example:

Code:

openssl req -new -x509 -nodes -out my_cert.pem -keyout my_privkey.pem -days 1000
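
The three checks bjorn lists, together with the -days option from JanLarsen's tip, can be run from the command line with openssl. This is an added example, not part of any post in this thread; the function names, the names other.example and bubba.example, and the temporary directory are assumptions made for the demo, and it needs an openssl that supports -checkhost (1.0.2 or later).

```sh
#!/bin/sh
# Added example. Host names, file names and the temp directory are constructed.

# 1: within its validity dates (-checkend 0 fails once notAfter has passed)
cert_in_dates() {
    openssl x509 -in "$1" -noout -checkend 0 >/dev/null 2>&1
}

# 2: issued to the hostname it is accessed by. openssl falls back to the
#    Common Name when the certificate has no subjectAltName extension.
cert_matches_host() {
    openssl x509 -in "$1" -noout -checkhost "$2" 2>/dev/null |
        grep -q "does match certificate"
}

# 3: signed by a CA the client trusts ($2 = PEM file of trusted certificates)
cert_is_trusted() {
    openssl verify -CAfile "$2" "$1" >/dev/null 2>&1
}

# Print one line per check, in the order of the list above.
report() {  # usage: report CERT HOST TRUSTED_PEM
    cert_in_dates "$1" && echo "1 dates: ok" || echo "1 dates: PROBLEM"
    cert_matches_host "$1" "$2" && echo "2 hostname: ok" || echo "2 hostname: PROBLEM"
    cert_is_trusted "$1" "$3" && echo "3 trust: ok" || echo "3 trust: PROBLEM"
}

# The thread's command made non-interactive: -subj answers the questions.
make_cert() {  # usage: make_cert DIR NAME COMMON_NAME DAYS
    openssl req -new -x509 -nodes -newkey rsa:2048 -days "$4" \
        -subj "/C=SE/O=My Company/CN=$3" \
        -out "$1/$2_cert.pem" -keyout "$1/$2_privkey.pem" 2>/dev/null
}

demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
make_cert "$demo_dir" my app1.my.dyndns.com 1000
make_cert "$demo_dir" other other.example 1000

echo "--- right name, own certificate imported as trusted"
report "$demo_dir/my_cert.pem" app1.my.dyndns.com "$demo_dir/my_cert.pem"
echo "--- accessed by another name, certificate not imported"
report "$demo_dir/my_cert.pem" bubba.example "$demo_dir/other_cert.pem"
```

The second report shows the hostname and trust problems while the dates check still passes, which is the situation a freshly generated self-signed certificate produces in a browser that has not imported it.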