View Faq
|
Question: How do I create an SSL Certificate so I can allow secure connections to Monetra?
|
Answer:
First, make sure you have OpenSSL installed (via RPM or source from www.openssl.org). Once OpenSSL is installed, create the certificate as you would for an Apache SSL server:
Step 1. Generate the private key
openssl genrsa 1024 > www.mydomain.com.key
Step 2. Generate a CSR from your key
openssl req -new -key www.mydomain.com.key > www.mydomain.com.csr
Step 3. Generate a self-signed certificate
openssl req -x509 -key www.mydomain.com.key -in www.mydomain.com.csr > www.mydomain.com.crt
You may use the self-signed certificate www.mydomain.com.crt to run the Monetra engine, but it is recommended that you purchase a signed certificate from Thawte or Verisign. You will be required to send the the www.mydomain.com.csr that you generated in Step 2. When you receive your certificate, install it in place of your self-signed cert, and restart the Monetra engine.
Make sure your Key and Certificate are viewable only to the monetra user. Anyone who obtains the Key and Certificate would be able to "impersonate" you!
Note: Both the .key and .crt must be configured in the /etc/monetra/prefs.conf file for SSL communication to take place (of course unless you created a combined key/crt not discussed here)
|
<-- Back to FAQ's |
|
|
|
