Scribd Logo
Upload

Welcome to Scribd!

  • 3rd Party

    Uploaded by

    khvhv
    3 views3 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    3 views3 pages

    3rd Party

    Uploaded by

    khvhv

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    Open XCA application and create a new database named :

    Step 1 : Creating RootCA

    PrivateKeyTab :
    Click Create New Key
    KeyName : RootCA
    Select Key
    CertificateTab :
    Create New Certificate
    Select Self Assign
    Templates : CA
    AdvanveTab :
    Check Parameters
    Extention Tab :
    Modify years accordingly :
    SubjectTab :
    Internal name : Same
    Country name :
    State name :
    City name :
    Org name :
    OU name :
    Common name:Same

    Step 2 : Creating SubCA

    PrivateKeyTab :
    Click Create New Key
    KeyName : RootCA
    Select Key
    CertificateTab :
    Create New Certificate
    Select Self Assign
    Templates : CA
    AdvanveTab :
    Check Parameters
    Extention Tab :
    Modify years accordingly :
    SubjectTab :
    Internal name :same
    Country name :
    State name :
    City name :
    Org name :
    OU name :
    Common name:same

    Step 3 : Creating >>website.com<<

    PrivateKeyTab :
    Click Create New Key
    KeyName : >>wensite.com<<
    Select Key
    CertificateTab :
    Create New Certificate
    Select Self Assign
    Templates : tls_server
    AdvanveTab :
    Check Parameters
    Extention Tab :
    Modify years accordingly :
    SubjectTab :
    Internal name :website.com
    Country name :
    State name :
    City name :
    Org name :
    OU name :
    Common name:website.com

    Step 4 :Transfering webserverkey

    Using winSCP

    Transfer webserverkey in tmp folder in linux


    Step 5 :Transfering webserverCertificate

    Using winSCP

    Transfer webserver certificate in tmp folder in linux

    Step 6 :Installing PKG : apache2 in linux

    apt install apache2 -y

    Step 7: Installing PKG : openssl in linux

    apt install openssl –y


    a2enmod ssl
    s2ensite default-ssl
    systemctl reload apache2

    Step 8:Make Dir inside apache to store certificate and key

    mkdir /etc/apache2/ssl

    cp /tmp/>>.com.pem<< /etc/apache2/ssl/

    cp /tmp/>>.com-key.pem<< /etc/apache2/ssl/

    Step 9:Changing permissions of key and certificate to 600

    cd /etc/apache2/ssl/

    chmod 600 >>xyz.com*

    Step 10:Configuration of default-ssl.conf

    vim /etc/apache2/site-enable/default-ssl.conf

    Below ServerAdmin

    ServerName <ip>:443

    Above DocumentRoot

    SSLCertificatekeyfile /etc/apache2/ssl/>>.com.pem<<

    SSLCertificatekeyfile /etc/apache2/ssl/>>.com-key.pem<<

    :wq

    Step11:Adding our site ip inside IPv4 in hosts

    Vim /etc/hosts

    Start of line

    <ip> hostname

    :wq

    Systemctl restart apache2

    Step12: Resolving Website in browser

    Go Firewall put <ip> try t o resolve

    Try with domain name


    Step13: Add DNS in base machine

    Go in windows machine :

    This PC

    C drive

    Windows

    System folder

    System 32

    Drives

    Etc

    Open Host file in notepad :

    Put <ip> domainname

    Step14: Export RootCA certificate

    Export certificate with extension “.crt”

    Step15: Intigrate RootCA certificate

    Go to “RUN”

    Type command “certmgr.msc”

    Select Trusted Root Certification Authorities

    Click on certificate click right all task import

    Add RootCA

    Step16 : Resolve

    Open browser : resolve domainname

    It will show secure

    You might also like