Setting up https on RHEL and CentOS 6 and 7

Here is how to get HTTPS/SSL working on Red Hat/CentOS 6 and 7

$ sudo yum install mod_ssl openssl

Now let’s generate our own self signed Certificate:

Generate private key

$sudo openssl genrsa -out ca.key 2048 


Generate CSR

$sudo openssl req -new -key ca.key -out ca.csr


Generate Self Signed Key


$sudo openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt


Copy the files to the correct locations

$sudo cp ca.crt /etc/pki/tls/certs$sudo cp ca.key /etc/pki/tls/private/ca.key

$sudo cp ca.csr /etc/pki/tls/private/ca.csr


Next up, modify the ssl.conf file:

$sudo vi /etc/httpd/conf.d/ssl.conf

Change the paths to match where the Key file is stored. If you’ve used the method above it will be:

 SSLCertificateFile /etc/pki/tls/certs/ca.crt

Then set the correct path for the Certificate Key File a few lines below. If you’ve followed the instructions above it is:

 SSLCertificateKeyFile /etc/pki/tls/private/ca.key

While we are in there let’s take care of the latest Poodle Vulnerability: (if needed)

 SSLProtocol all -SSLv2 -SSLv3

 Restart web service:

$sudo service httpd restart

$sudo systemctl restart httpd