Category: Web Server Configuration

Steps to create a self signed certificate

Steps to generate self signed certificate on Linux: #openssl genrsa -des3 -out <key filename.key> 4096 #openssl req -new -key <key filename generated above> -out <csr file filename.csr> #openssl x509 -req -days 3650 -in <csr file filename.csr> -signkey <key filename.key> -out <cert filename.crt> the -des3 encrypt PEM output with ede cbc des using 168 bit key more info: https://wiki.openssl.org/index.php/Command_Line_Utilities  

Read More »

Disable SSLv3 in Apache HTTP Server

Background: We had a requirement to disable all version of ssl for encryption and use TLS. We used https://www.ssllabs.com to test our http server We found that SSL 3 had a vulnerability. By removing SSL from the list of supported protocols, BEAST attach and POODLE were mitigated and were able to achieve an over all rating of B for our…

Read More »