Securing Apache - Debian/Ubuntu

Step 1 - Creating Apache SSL/TLS Certificates

Creating the Apache SSL/TLS Certificates

Elliptical Curves are as strong as RSA encryption, however; they have a smaller footprint and require less overhead for cpu/network topologies. When deployed in high traffic situations, any cost savings without compromising something is always welcome. You can choose to generate an RSA or EC certificate and you will be fine with either. For those who have special cases or a need for running both, this is possible and will be discussed in a future update to this document. To create the Certificates, please refer to the OpenSSL Tutorial or the Java Keytool Tutorial to create the CSR's and Certificates

Recommendation:

Switch user and become sudo (root) or you will have to type sudo before most commands from this point forward

sudo su

In order to create all of the keys and things we will need to change to the SSL directory

cd /etc/ssl/