TurnKey Linux Virtual Appliance Library

How to generate ssl certificate like the default one ?

Hello

Can you guide me how to generate such certificate like the default one after completing brand new installation on lamp or owncloud - 256bit TLS 1.0 AES_256_CBC DHE_RSA? The highest encryption level which I reached so far with openssl was 128bit TLS 1.1 RC4_128 RSA. Since I've changed the internal dynamic ip to static one, the owncloud sertificate became untrusted :( . Please guys give me a hint how to generate new certificate for the new static ip.

 

Wish you all the best.

Attached: 
Alon Swartz's picture

blog post for reference + inithook

Take a look at this blog post for reference: http://www.turnkeylinux.org/blog/ssl-certificates

You can re-run the script that generates the default certificates on new installations as follows:

/usr/lib/inithooks/firstboot.d/15regen-sslcert

If you look at the source of the above script (or execute it with --help), you'll see that the default values can be tweaked. For example, if you want to change the default amount of bits (1024), prepend the script with BITS=2048

Hope the above helps.

Thank you Alon - you rock :)

Thank you Alon - you rock :)

SSL Certificate

Instantssl from comodo is the only low cost high assurance SSL Certificates

Post new comment

The content of this field is kept private and will not be shown publicly. If you have a Gravatar account, used to display your avatar.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <strike> <caption>

More information about formatting options

Leave this field empty. It's part of a security mechanism.
(Dear spammers: moderators are notified of all new posts. Spam is deleted immediately)