====== Basic SSL for use with Web and Mail ======

1) Make a directory to keep stuff

<code>
mkdir /home/ssl/
cd /home/ssl/
</code>

2) Make a key

<code>openssl genrsa -out part.domain.com.key 2048</code>

3) Generate a csr (during this part, put in the part.domain.com that you want SSL'ed in the "common name")

<code>openssl req -new -key part.domain.com.key -out part.domain.com.csr</code>

4) You can self-sign the cert

<code>

openssl x509 -req -days 365 -in part.domain.com.csr -signkey part.domain.com.key -out part.domain.com.crt

</code>

Or you can get a certificate from a 3rd party provider, such as Godaddy. If you go this route, place the .crt file in the directory you created in step 1.

5) Create a pem file as well

<code>cat part.domain.com.crt part.domain.com.key > part.domain.com.pem</code>

6) Edit Virtual Server

add the following code to your server (yoursitename.com.conf) in /opt/csw/apache2/etc/virtualhosts

<code>
<VirtualHost 8.12.34.201:443>
# your server settings here
SSLEngine on                                                                                      
SSLCertificateFile /home/ssl/part.domain.com.crt                                           
SSLCertificateKeyFile /home/ssl/part.domain.com.key       
</VirtualHost>   
</code>

7) Restart apache.