-
Generate certificate requests with the openssl command:
openssl req -new -newkey rsa:2048 -nodes -days 365 -subj
"/C=country/ST=state/L=city/O=organization/OU=departement/CN=fully.qualified.server.name"
-out my_certificate.csr -keyout my_certificate.key
Answer the questions (with the constraints on Common Name above). If you use
an optional pass phrase (not recommended), you will need to provide it to
the reverse proxy.
This command generates .key and
.csr files.
-
Keep the .key files and send the
.csr files to the authority in charge of
signing your certificates.
Specify that the certificates are intended for Apache Httpd (if you use it).
The certificate authority will send the .cer
(or .crt) signed files back to you.
When installing the different platform services, only use the
.cer (or
.crt). On the reverse proxy, only use the
.cer (or .crt)
and .key.
-
Make sure that you have configured your SSL certificate () on the reverse proxy
as follows on Linux:
SSLCertificateFile /path/to/your.cer
SSLCertificateKeyFile /path/to/your.key
and on Windows:
SSLCertificateFile \path\to\your.cer
SSLCertificateKeyFile \path\to\your.key