<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
<TITLE>�$B0BA4$J�(B RedHat Apache �$B%5!<%P$N9=C[J}K!�(B: �$B>ZL@=q$K$h$k:n6H�(B</TITLE>
<LINK HREF="SSL-RedHat-HOWTO-4.html" REL=next>
<LINK HREF="SSL-RedHat-HOWTO-2.html" REL=previous>
<LINK HREF="SSL-RedHat-HOWTO.html#toc3" REL=contents>
</HEAD>
<BODY>
<A HREF="SSL-RedHat-HOWTO-4.html">�$B<!$N%Z!<%8�(B</A>
<A HREF="SSL-RedHat-HOWTO-2.html">�$BA0$N%Z!<%8�(B</A>
<A HREF="SSL-RedHat-HOWTO.html#toc3">�$BL\<!$X�(B</A>
<HR>
<H2><A NAME="s3">3. �$B>ZL@=q$K$h$k:n6H�(B</A></H2>
<P>�$B$3$l0J9_$N@a$G$O!"HkL)80%U%!%$%k$N:n@.!">ZL@=q=pL>MW5a!"$=$l$+$i<+=p>ZL@=q$r�(B
�$B4^$`<j=g$r$*$5$($^$9!#>ZL@=qH/9T5!4X$K$h$C$F=pL>$5$l$?>ZL@=q$rF~<j$9$k$D$b$j�(B
�$B$J$i!"�(B<EM>�$B>ZL@=q=pL>MW5a�(B (CSR)</EM> �$B$r:n@.$9$kI,MW$,$"$j$^$9!#$"$k$$$O!"�(B
�$B<+=p>ZL@=q$r:n@.$9$k$3$H$b$G$-$^$9!#�(B
<P>
<H2><A NAME="ss3.1">3.1 �$BHkL)80$N:n@.�(B</A>
</H2>
<P>�$BHkL)80$r:n$k$K$O!"�(BOpenSSL �$B%D!<%k%-%C%H$,%$%s%9%H!<%k$5$l$F$$$F!"�(B
Apache �$BMQ$K@_Dj$5$l$F$$$kI,MW$,$"$j$^$9!#$3$3$+$i$NNc$G$O!"%G%U%)%k%H$N�(B
/usr/local/ssl/bin �$B%G%#%l%/%H%j$K$"$k�(B OpenSSL �$B$N%3%^%s%I%i%$%s%D!<%k$r�(B
�$B;H$$$^$9!#Nc$G$O!"�(BOpenSSL �$B$N%3%^%s%I%i%$%s%D!<%k$,$"$k%G%#%l%/%H%j$,�(B $PATH
�$B$KDI2C$5$l$F$$$k$3$H$rA[Dj$7$F$$$^$9!#�(B
<P>
<P>�$B%H%j%W%k�(B DES �$B0E9fI8=`�(B (�$B?d>)�(B) �$B$r;H$C$FHkL)80$r:n$k$K$O!"$3$N%3%^%s%I$r;H$$$^$9�(B �$B!]�(B
<P>
<BLOCKQUOTE><CODE>
<PRE>
openssl genrsa -des3 -out filename.key 1024
</PRE>
</CODE></BLOCKQUOTE>
<P>
<P>�$B%Q%9%U%l!<%:$rF~NO$7!"$^$?:FF~NO$9$k$h$&$K5a$a$i$l$^$9!#%H%j%W%k�(B DES
�$B$r;H$&$3$H$K$7$?$J$i!"�(BSSL �$B%5!<%P$r%3!<%k%I%9%?!<%H$G5/F0$5$;$kEY$K�(B
�$B%Q%9%o!<%I$r5a$a$i$l$^$9!#�(B(�$B:F5/F0%3%^%s%I$r;H$&>l9g$O!"%Q%9%o!<%I$O�(B
�$BJ9$+$l$^$;$s!#�(B)
�$BFC$K%7%9%F%`$r5Y$_$N4V$K5/F0$;$M$P$J$i$J$$>l9g!"$3$N%Q%9%o!<%IF~NO$,�(B
�$B$&$6$C$?$$$H;W$&$+$b$7$l$^$;$s!#$^$?!"%7%9%F%`$O4{$K==J,$K7xO4$@$H�(B
�$B3N?.$7$F$$$k$+$b$7$l$^$;$s!#$G$9$+$i!"%Q%9%o!<%IF~NO$,$J$$$h$&$KA*Br$9$k�(B
(�$B=>$C$F%H%j%W%k�(B DES �$B0E9f2=$r;H$o$:$K�(B) �$B$J$i!"0J2<$N%3%^%s%I$r<B9T$7$F$/$@$5$$!#�(B
�$B5U$K!"C1$K�(B 512 bit �$B$N80$r:n$j$?$$$J$i!"%3%^%s%I$N:G8e$K$"$k�(B 1024 �$B$r�(B
�$B:o$C$F$/$@$5$$!#$9$k$H�(B OpenSSL �$B$O%G%U%)%k%H$N�(B 512 bit �$B$G80$r:n$j$^$9!#�(B
�$B>.$5$J80$r;H$&$H!">/$7$P$+$jAa$/$J$j$^$9$,!"0BA4@-$bDc2<$7$^$9!#�(B
<P>
<P>�$BHkL)80$r%H%j%W%k�(B DES �$B0E9f2=$J$7$G:n@.$9$k$K$O!"$3$N%3%^%s%I$r;H$$$^$9�(B �$B!]�(B
<P>
<BLOCKQUOTE><CODE>
<PRE>
openssl genrsa -out filename.key 1024
</PRE>
</CODE></BLOCKQUOTE>
<P>
<P>�$B4{B8$NHkL)80$K%Q%9%o!<%I$rDI2C$9$k$K$O!"$3$N%3%^%s%I$r;H$$$^$9�(B �$B!]�(B
<P>
<BLOCKQUOTE><CODE>
<PRE>
openssl -in filename.key -des3 -out newfilename.key
</PRE>
</CODE></BLOCKQUOTE>
<P>
<P>�$B4{B8$NHkL)80$+$i%Q%9%o!<%I$r:o=|$9$k$K$O!"$3$N%3%^%s%I$r;H$$$^$9�(B �$B!]�(B
<P>
<BLOCKQUOTE><CODE>
<PRE>
openssl -in filename.key -out newfilename.key
</PRE>
</CODE></BLOCKQUOTE>
<P>
<P><B>�$BCm0U!'�(B</B>
�$BJLES;XDj$7$J$1$l$P!"HkL)80$O%+%l%s%H%G%#%l%/%H%j$K:n@.$5$l$^$9!#�(B
�$B$3$l$r<h$j07$&$K$O�(B 3 �$B$D$N4JC1$JJ}K!$,$"$j$^$9!#�(BOpenSSL �$B$,%Q%9$KF~$C$F$$$l$P!"�(B
�$B80%U%!%$%k$rJ]B8$9$k$?$a$KA*$s$@%G%#%l%/%H%j$+$i<B9T$9$k$3$H$,$G$-$^$9�(B
(Apache �$B$N%$%s%9%H!<%k$K�(B RPM �$B$r;H$C$?>l9g$N%G%U%)%k%H$O�(B
<CODE>/etc/httpd/conf/ssl.key</CODE> �$B$G!"%=!<%9%U%!%$%k$+$i%$%s%9%H!<%k$7$?$N$J$i�(B
<CODE>/usr/local/apache/conf/ssl.key</CODE> �$B$G$9�(B)�$B!#�(B
�$BJL2r$O!"80$,:n@.$5$l$?%G%#%l%/%H%j$+$i!"@5$7$$%G%#%l%/%H%j$X$H%U%!%$%k$r�(B
�$B%3%T!<$9$k$3$H$G$9!#$5$i$K!"Bg;v$J$3$H$r8@$$K:$l$^$7$?$,!"%3%^%s%I$N<B9T;~$K%Q%9$r�(B
�$B;XDj$9$k$3$H$,$G$-$^$9�(B (eg.
<CODE>openssl genrsa -out /etc/httpd/conf/ssl.key/filename.key 1024</CODE>)�$B!#�(B
�$B<!$K?J$`A0$K:n6H$,=*$o$C$F$$$l$P!"J}K!$O$I$l$G$b9=$$$^$;$s!#�(B
<P>
<P>OpenSSL �$B%D!<%k%-%C%H$K$D$$$F$N$h$j>\$7$$>pJs$O!"$3$38+$F$/$@$5$$�(B �$B!]�(B
<A HREF="http://www.openssl.org/">OpenSSL Website</A><P>
<H2><A NAME="ss3.2">3.2 �$B>ZL@=q=pL>MW5a$N:n@.�(B</A>
</H2>
<P>�$B>ZL@=qH/9T5!4X$K$h$C$F=pL>$5$l$?>ZL@=q$rF~<j$9$k$K$O!">ZL@=q=pL>MW5a�(B (CSR)
�$B$r:n@.$9$kI,MW$,$"$j$^$9!#L\E*$O!"HkL)80$r4]$4$HAw$C$?$j!"�(B
�$B07$$$NFq$7$$>pJs$r4m81$K$5$i$7$?$j$9$k$3$H$J$/!">ZL@=q$r:n@.$9$k$KB-$k>pJs$r�(B
�$B>ZL@=qH/9T5!4X$KAw$k$3$H$G$9!#�(BCSR �$B$O!"Nc$($P%I%a%$%sL>$dCO0h>pJs$H$$$C$?!"�(B
�$B>ZL@=q$K4^$^$l$k>pJs$b$b$C$F$$$^$9!#�(B
<P>
<UL>
<LI>CSR �$B$r:n$k$b$H$NHkL)80$r3NG'$7$^$9!#$3$N%3%^%s%I$rF~NO$7$F$/$@$5$$�(B �$B!]�(B
<BLOCKQUOTE><CODE>
<PRE>
openssl req -new -key filename.key -out filename.csr
</PRE>
</CODE></BLOCKQUOTE>
</LI>
<LI>�$BCO0h>pJs!"6&DLL>�(B (�$B%I%a%$%sL>�(B)�$B!"AH?%>pJs$J$I$NF~NO$r5a$a$i$l$^$9!#�(B
�$BI,MW$H$5$l$k9`L\$H!"ITE,@Z$J%(%s%H%j$N>pJs$r!":NMQ$7$h$&$H$7$F$$$k�(B
CA �$B$KLd$$9g$o$;$F$/$@$5$$!#�(B
</LI>
<LI>CSR �$B$r�(B CA �$B$N;X<($K=>$C$FAw$j$^$9!#�(B</LI>
<LI>�$B?7$7$$>ZL@=q$rBT$A$D$D!"$"$k$$$O<+=p>ZL@=q$r:n@.$7$F$/$@$5$$!#�(B
�$B<+=p>ZL@=q$O>ZL@=qH/9T5!4X$+$i>ZL@=q$r<u$1$H$k$^$G;HMQ$9$k$3$H$,$G$-$^$9!#�(B</LI>
</UL>
<P>
<P>
<P><B>�$BCm0U!'�(B</B>
�$BHkL)80$HMW5a�(B(�$BLuCm�(B:CSR)�$B$rF1;~$K:n@.$9$k$K$O!"<!$N%3%^%s%I$r;H$$$^$9!#�(B
<P>
<BLOCKQUOTE><CODE>
<PRE>
openssl genrsa -des3 -out filename.key 1024
</PRE>
</CODE></BLOCKQUOTE>
<P>
<P>
<H2><A NAME="ss3.3">3.3 �$B<+=p>ZL@=q$N:n@.�(B</A>
</H2>
<P>CA �$B$N=pL>$7$?>ZL@=q$rF~<j$7$h$&$H$7$F$$$k$J$i!"<+=p>ZL@=q$r:n$kI,MW$O$"$j$^$;$s!#$H$O$$$(!"<+=p>ZL@=q$N:n@.$O$?$$$X$s4JC1$G$9!#I,MW$J$N$O!"HkL)80$H%;%-%e%"$K$7$?$$%5!<%P$NL>A0�(B (�$B40A4=$>~%I%a%$%sL>�(B) �$B$G$9!#CO0h>pJs$d6&DLL>�(B (�$B%I%a%$%sL>�(B)�$B!"AH?%>pJs$J$I$r?V$M$i$l$^$9!#�(BOpenSSL �$B$G$O!"$3$3$G$+$J$j$N<+M3$,$-$-$^$9!#>ZL@=q$,@5>o$K5!G=$9$k$?$a$KM#0lI,MW$J>pJs$O!"6&DLL>�(B (�$B%I%a%$%sL>�(B) �$B$G$9!#$3$l$,$J$+$C$?$j!"7g$1$?$j$7$F$$$k$H!"�(B<EM>Certificate Name Check</EM> �$B7Y9p$r%V%i%&%6$+$i<u$1$k$3$H$K$J$j$^$9!#�(B
<P>
<P>�$B<+=p>ZL@=q$r:n@.$9$k$K$O�(B �$B!]�(B
<P>
<BLOCKQUOTE><CODE>
<PRE>
openssl req -new -key filename.key -x509 -out filename.crt
</PRE>
</CODE></BLOCKQUOTE>
<P>
<P>
<H2><A NAME="ss3.4">3.4 �$B%&%'%V%5!<%P$X$N>ZL@=q$N%$%s%9%H!<%k�(B</A>
</H2>
<P>�$B$3$l$i$N;X<($K=>$C$F$$$?$i!":#$^$G$N$H$3$m!"$3$3$^$G$G$OFC$KLdBj$O5/$-$F$$$J$$$O$:$G$9!#�(BCSR �$B$r>ZL@=qH/9T5!4X$KAw$C$F!"$^$@>ZL@=q$r<u$1$H$C$F$$$J$$$J$i!"$A$g$C$H0l5Y$_$7$^$7$g$&!*!!<+=p>ZL@=q$r;H$C$F$$$k$+!">ZL@=q$r<u$1$H$j$:$_$J$i!"<!$K?J$s$G$b9=$$$^$;$s!#�(B
<P>
<UL>
<LI>�$BHkL)80%U%!%$%k$,!";H$&$H7h$a$?>l=j$K$"$k$3$H$r3NG'$7$F$/$@$5$$!#B3$/Nc$O�(B RedHat RPM �$B$K$h$k%$%s%9%H!<%k$N%G%U%)%k%HCM!"�(B<CODE>/etc/httpd/conf/ssl.key</CODE> �$B$K4p$$$F$$$^$9!#�(B</LI>
<LI>CA �$B$,=pL>$7$?!"$"$k$$$O<+=p$N>ZL@=q$,;XDj$5$l$?%G%#%l%/%H%j$K$"$k$3$H$r3NG'$7$F$/$@$5$$!#7+$jJV$7$^$9$,!";d$O�(B RPM �$B$N%G%U%)%k%H$G$"$k�(B <CODE>/etc/httpd/conf/ssl.crt</CODE> �$B$r;H$$$^$9!#$^$@$=$3$K$J$1$l$P!"$=$3$KG[CV$7$F$/$@$5$$!#�(B</LI>
<LI>�$B$b$7!"%$%s%9%H!<%k$9$kCf4V>ZL@=q�(B (�$B$^$?$O%k!<%H>ZL@=q�(B) �$B$,$"$k$J$i!"$=$l$b�(B <CODE>/etc/httpd/conf/ssl.crt</CODE> �$B%G%#%l%/%H%j$K%3%T!<$7$F$/$@$5$$!#�(B</LI>
<LI>�$B<!$O!"�(Bhttpd.conf �$B%U%!%$%k$rJT=8$9$kI,MW$,$"$j$^$9!#<!$N%9%F%C%W!"�(B
<A HREF="SSL-RedHat-HOWTO-4.html#configure">Apache Server �$B$N@_Dj�(B</A> �$B$K?J$`A0$K!"$3$N%U%!%$%k$N%P%C%/%"%C%W$r:n$C$F$/$@$5$$!#�(B</LI>
</UL>
<P>
<HR>
<A HREF="SSL-RedHat-HOWTO-4.html">�$B<!$N%Z!<%8�(B</A>
<A HREF="SSL-RedHat-HOWTO-2.html">�$BA0$N%Z!<%8�(B</A>
<A HREF="SSL-RedHat-HOWTO.html#toc3">�$BL\<!$X�(B</A>
</BODY>
</HTML>
