Menu Close

How to Create CA Server Sub CA Linux

We can use openssl, TinyCA, XCA for this one

I am using TinyCA because it easy to create Sub CAs

$ sudo apt-get install tinyca

Open TinyCA as Root

Creating Root CA

Create Sub CA

Create New Request From Sub CA

Sign the Request from Sub CA

Now Export Certificates to use

Root CA Export

Export Sub CA Certificates

 * Select Without Passphrase

Now change the folder ownership to user

Adding CA to Firefox

Now Setup a Apache SSL Web Server

Create SSL folder in /etc/ssl/web.server.com

Copy certificate files to that

#################################################################################
Paste Following

<IfModule mod_ssl.c>
        <VirtualHost _default_:443>
                ServerAdmin your_email@example.com
                ServerName web.server.com
                DocumentRoot /var/www/html/web.server.com

                ErrorLog ${APACHE_LOG_DIR}/web.server.com-error.log

                CustomLog ${APACHE_LOG_DIR}/access.log combined

                SSLEngine on
                SSLCertificateFile      /etc/ssl/web.server.com/web.server.com-cert.pem
                SSLCertificateKeyFile /etc/ssl/web.server.com/web.server.com-key.pem
                SSLCertificateChainFile /etc/ssl/web.server.com/Sub_CA-cachain.pem

                <FilesMatch “\.(cgi|shtml|phtml|php)$”>

                                SSLOptions +StdEnvVars
                </FilesMatch>
                <Directory /usr/lib/cgi-bin>
                                SSLOptions +StdEnvVars
                </Directory>
        </VirtualHost>
</IfModule>

#################################################################################

Enable the site

edit Host file

Create Folder and edit index.html file with welcome

Verify apache config

Restart apache and see

Now Browse from Firefox

%d bloggers like this: