How To Install OpenSSL on a CentOS Server
First, we want to install OpenSSL
1. yum install openssl
Now we have to configure our OpenSSL
1. cd /etc/pki/CA
Create a folder to contain the certificates
1. mkdir certs
Now create a folder to contain the certificate revocation list
1. mkdir crl
Now create a folder to contain the Server Certificates in PEM format
1. mkdir netcerts
Create a file that holds the database of certificates
1. touch index.txt
Now create a file that holds the next serial number
1. echo '01' > serial
Now create a file that holds the next certificate revocation list serial number
1. echo '01' > crlnumber
Next we must copy the default openssl configuration file for us to use
1. cp /etc/pki/tls/openssl.cnf openssl.cnf
Now we must edit the openssl.cnf file to make needed changes
1. Change line 37
from dir = ../../CA
to dir = .
2. Change line 45
from certificate = $dir/cacert.pem
to certificate = $dir/certs/ca.crt
3. Change line 50
from private_key = $dir/private/cakey.pem
to private_key = $dir/private/ca.key
Now make the openssl.cnf file not publicly readable
1. chmod 0600 openssl.cnf
