Forum: 

How to generate ssl certificate like the default one ?

FRO5T's picture

Hello

Can you guide me how to generate such certificate like the default one after completing brand new installation on lamp or owncloud - 256bit TLS 1.0 AES_256_CBC DHE_RSA? The highest encryption level which I reached so far with openssl was 128bit TLS 1.1 RC4_128 RSA. Since I've changed the internal dynamic ip to static one, the owncloud sertificate became untrusted :( . Please guys give me a hint how to generate new certificate for the new static ip.

 

Wish you all the best.

Alon Swartz's picture

Take a look at this blog post for reference: http://www.turnkeylinux.org/blog/ssl-certificates

You can re-run the script that generates the default certificates on new installations as follows:

/usr/lib/inithooks/firstboot.d/15regen-sslcert

If you look at the source of the above script (or execute it with --help), you'll see that the default values can be tweaked. For example, if you want to change the default amount of bits (1024), prepend the script with BITS=2048

Hope the above helps.

FRO5T's picture

Thank you Alon - you rock :)

danysecurity's picture

Instantssl from comodo is the only low cost high assurance SSL Certificates

Post new comment