The Quick & Dirty Way to a Self-Signed Server Certificate
I always forget this, so I thought I'll post it as a How-To.# Remove old key & certificate
rm /etc/httpd/conf/ssl.key/server.key
rm /etc/httpd/conf/ssl.crt/server.crt
# Generate new key with an EMPTY PASSPHRASE!
# Use "cd /usr/share/ssl/certs; make genkey"
# instead if you really need a passphrase
/usr/bin/openssl genrsa 1024 > /etc/httpd/conf/ssl.key/server.key
# Set appropriate permissions
chmod go-rwx /etc/httpd/conf/ssl.key/server.key
# Now create the new certificate
cd /usr/share/ssl/certs
make testcert
# And restart Apache
/sbin/service httpd restart
NOTICE: This works on Fedora Core 3. Don't use this on FC4!