Feeding The Multitudes with Unbuntu Linux Christian Edition

Photo by rbieber

I found a reference to the Ubuntu Linux Christian Edition site from the Unix and Linux Menagerie blog and just had to download it and try it out.

This is my stupid attempt at humor. Christian geeks will get it, I hope. I actually downloaded it because I’m interested in the filtering that comes as part of the distro.

Creating a self signed SSL Certificate – A Brain Dead Script

I have an SSL instance running in the house so that I can access my home Subversion installation remotely. The certificate I generated for this site expired a few months ago and I have procrastinated regenerating it because I seemed to remember it was complicated and I didn’t want to spend the time.

Well, it winds up its not that bad. I found a great summary of the commands necessary in order to do it, and threw together a very quick script to string them all together in order to create SSL certificates for a general host name and figured I’d throw it up here.

I generalized it thinking that I could have two certificates for the virtual hosts I have running on my home server. Unless I’m looking at old information, however, it doesn’t seem that you can have different SSL certificates for virtual hosts running on the same IP address under Apache 2. If you can, and someone knows how to configure Apache to do so, please let me know.

Here’s the script I used to generate the self signed SSL certificates for the house. Super simple. Now I just have to remember to source the script ;).

# Cert4Host.sh - Generate SSL Certificates for a host name.


if [ -z "${HOSTNAME}" ]; then
echo "Usage : Cert4Host.sh HOSTNAME";

if [ ! -e pass.key ]; then
openssl genrsa -des3 -out pass.key 1024
echo "Key already exists ... skipping ..."

openssl rsa -in pass.key -out $HOSTNAME.key
openssl req -new -key $HOSTNAME.key -x509 -out $HOSTNAME.crt -days 999

sudo cp $HOSTNAME.key /usr/local/apache2/conf/ssl.key
sudo cp $HOSTNAME.crt /usr/local/apache2/conf/ssl.crt

Don’t forget to change your Apache SSL configuration to point to the new certificate and key (<hostname>.crt and <hostname>.key, respectively) and restart Apache.