Note: in the above command 365 is the number of days after which your new certificate will expire. Openssl x509 -req -days 365 -in /etc/apache2/ssl/new.csr -signkey /etc/apache2/ssl/mykey.key -out /etc/apache2/ssl/apache.crt Openssl req -in /etc/apache2/ssl/new.csr -noout –textīefore creating the new cert just rename the apache.crt file located in /etc/apache2/ssl so that you do not have to change anything the apache configuration file.
Openssl genrsa -out /etc/apache2/ssl/mynew.key 2048 If you do not know your private key, do not worry because you can create a new one using the following command: Since most of the Linux server admin like to put the cert files in the /etc/apache2/ssl directory, you can have a look at there for your existing cert file and the private key. You must know the location of your current certificate that has expired and the private key. What do I need to know to renew my OpenSSL cert?
#Get size of certificate with openssl tool how to#
This post will you how to renew self- signed certificate with OpenSSL tool in Linux server. Though it is free, it can expire and you may need to renew it. OpenSSL is a free and open-source SSL solution that anyone can use for personal and commercial purpose.