{"id":249,"date":"2025-05-19T08:02:26","date_gmt":"2025-05-19T08:02:26","guid":{"rendered":"https:\/\/blog.chaiyakul.com\/?p=249"},"modified":"2025-05-19T08:04:17","modified_gmt":"2025-05-19T08:04:17","slug":"self-signed-certificate-amp-key-centos-in-apache","status":"publish","type":"post","link":"https:\/\/blog.chaiyakul.com\/index.php\/2025\/05\/19\/self-signed-certificate-amp-key-centos-in-apache\/","title":{"rendered":"\u0e27\u0e34\u0e18\u0e35\u0e2a\u0e23\u0e49\u0e32\u0e07 Self-Signed Certificate & Key \u0e1a\u0e19 CentOS \/ RHEL \u0e43\u0e2a\u0e48\u0e43\u0e19 Apache"},"content":{"rendered":"\n

1.\u0e2a\u0e23\u0e49\u0e32\u0e07 directory \u0e40\u0e01\u0e47\u0e1a\u0e44\u0e1f\u0e25\u0e4c certificate (\u0e16\u0e49\u0e32\u0e22\u0e31\u0e07\u0e44\u0e21\u0e48\u0e21\u0e35)<\/p>\n\n\n

\nsudo mkdir -p \/etc\/pki\/tls\/certs\nsudo mkdir -p \/etc\/pki\/tls\/private\n<\/pre><\/div>\n\n\n
2.\u0e2a\u0e23\u0e49\u0e32\u0e07 self-signed certificate \u0e01\u0e31\u0e1a private key \u0e14\u0e49\u0e27\u0e22\u0e04\u0e33\u0e2a\u0e31\u0e48\u0e07\u0e19\u0e35\u0e49<\/p>\n\n\n
\nsudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \\\n  -keyout \/etc\/pki\/tls\/private\/chaiyakul.com.key \\\n  -out \/etc\/pki\/tls\/certs\/chaiyakul.com.crt\n<\/pre><\/div>\n\n\n
\u0e08\u0e30\u0e16\u0e32\u0e21\u0e02\u0e49\u0e2d\u0e21\u0e39\u0e25\u0e1a\u0e32\u0e07\u0e2d\u0e22\u0e48\u0e32\u0e07 \u0e40\u0e0a\u0e48\u0e19<\/p>\n\n\n\n
    \n
  • Country Name (2 letter code)<\/li>\n\n\n\n
  • State or Province Name<\/li>\n\n\n\n
  • Locality Name<\/li>\n\n\n\n
  • Organization Name<\/li>\n\n\n\n
  • Common Name (\u0e22\u0e01\u0e15\u0e31\u0e27\u0e2d\u0e22\u0e48\u0e32\u0e07 \u0e43\u0e2a\u0e48 chaiyakul.com<\/code> \u0e2b\u0e23\u0e37\u0e2d www.chaiyakul.com<\/code>)<\/li>\n\n\n\n
  • Email Address<\/li>\n<\/ul>\n\n\n\n
    \u0e01\u0e23\u0e2d\u0e01\u0e02\u0e49\u0e2d\u0e21\u0e39\u0e25\u0e15\u0e32\u0e21\u0e08\u0e23\u0e34\u0e07\u0e2b\u0e23\u0e37\u0e2d\u0e40\u0e27\u0e49\u0e19\u0e27\u0e48\u0e32\u0e07\u0e44\u0e14\u0e49 (\u0e41\u0e15\u0e48 Common Name \u0e15\u0e49\u0e2d\u0e07\u0e43\u0e2a\u0e48\u0e42\u0e14\u0e40\u0e21\u0e19\u0e2b\u0e23\u0e37\u0e2d IP \u0e17\u0e35\u0e48\u0e43\u0e0a\u0e49\u0e07\u0e32\u0e19)<\/p>\n\n\n\n
    3.\u0e41\u0e01\u0e49\u0e44\u0e02\u0e44\u0e1f\u0e25\u0e4c SSL config \u0e43\u0e2b\u0e49\u0e0a\u0e35\u0e49\u0e44\u0e1b\u0e17\u0e35\u0e48\u0e44\u0e1f\u0e25\u0e4c\u0e19\u0e35\u0e49 (\u0e15\u0e32\u0e21\u0e15\u0e31\u0e27\u0e2d\u0e22\u0e48\u0e32\u0e07\u0e01\u0e48\u0e2d\u0e19\u0e2b\u0e19\u0e49\u0e32)<\/p>\n\n\n
    \nSSLCertificateFile \/etc\/pki\/tls\/certs\/chaiyakul.com.crt\nSSLCertificateKeyFile \/etc\/pki\/tls\/private\/chaiyakul.com.key\n<\/pre><\/div>\n\n\n
    4.\u0e17\u0e14\u0e2a\u0e2d\u0e1a config Apache<\/p>\n\n\n
    \nsudo apachectl configtest\n<\/pre><\/div>\n\n\n
    \u0e16\u0e49\u0e32 Syntax OK<\/code> \u0e41\u0e2a\u0e14\u0e07\u0e27\u0e48\u0e32\u0e44\u0e1f\u0e25\u0e4c config \u0e16\u0e39\u0e01\u0e15\u0e49\u0e2d\u0e07<\/p>\n\n\n\n
    5.\u0e23\u0e35\u0e2a\u0e15\u0e32\u0e23\u0e4c\u0e17 Apache<\/p>\n\n\n
    \nsudo systemctl restart httpd\n<\/pre><\/div>\n\n\n
    \u0e2b\u0e21\u0e32\u0e22\u0e40\u0e2b\u0e15\u0e38<\/p>\n\n\n\n
      \n
    • Self-signed cert \u0e08\u0e30\u0e17\u0e33\u0e43\u0e2b\u0e49 browser \u0e41\u0e08\u0e49\u0e07\u0e40\u0e15\u0e37\u0e2d\u0e19\u0e27\u0e48\u0e32\u0e44\u0e21\u0e48\u0e1b\u0e25\u0e2d\u0e14\u0e20\u0e31\u0e22 (untrusted) \u0e40\u0e1e\u0e23\u0e32\u0e30\u0e44\u0e21\u0e48\u0e1c\u0e48\u0e32\u0e19 CA \u0e17\u0e35\u0e48\u0e40\u0e0a\u0e37\u0e48\u0e2d\u0e16\u0e37\u0e2d\u0e44\u0e14\u0e49<\/li>\n\n\n\n
    • \u0e40\u0e2b\u0e21\u0e32\u0e30\u0e2a\u0e33\u0e2b\u0e23\u0e31\u0e1a\u0e17\u0e14\u0e2a\u0e2d\u0e1a\u0e43\u0e19\u0e40\u0e04\u0e23\u0e37\u0e48\u0e2d\u0e07\u0e2b\u0e23\u0e37\u0e2d\u0e23\u0e30\u0e1a\u0e1a internal<\/li>\n\n\n\n
    • \u0e2b\u0e32\u0e01\u0e08\u0e30\u0e43\u0e0a\u0e49\u0e08\u0e23\u0e34\u0e07\u0e1a\u0e19\u0e2d\u0e34\u0e19\u0e40\u0e17\u0e2d\u0e23\u0e4c\u0e40\u0e19\u0e47\u0e15 \u0e04\u0e27\u0e23\u0e43\u0e0a\u0e49 Let’s Encrypt<\/strong> \u0e40\u0e1e\u0e37\u0e48\u0e2d\u0e02\u0e2d\u0e1f\u0e23\u0e35 certificate \u0e17\u0e35\u0e48 trusted<\/li>\n<\/ul>\n\n\n\n
      \u0e15\u0e33\u0e41\u0e2b\u0e19\u0e48\u0e07 VirtualHost<\/strong><\/u><\/p>\n\n\n\n
      \u0e15\u0e33\u0e41\u0e2b\u0e19\u0e48\u0e07\u0e02\u0e2d\u0e07\u0e01\u0e32\u0e23\u0e01\u0e33\u0e2b\u0e19\u0e14 <VirtualHost *:443><\/code> (SSL) \u0e2d\u0e22\u0e39\u0e48\u0e43\u0e19\u0e44\u0e1f\u0e25\u0e4c\u0e04\u0e2d\u0e19\u0e1f\u0e34\u0e01\u0e02\u0e2d\u0e07 Apache \u0e04\u0e23\u0e31\u0e1a \u0e02\u0e36\u0e49\u0e19\u0e2d\u0e22\u0e39\u0e48\u0e01\u0e31\u0e1a\u0e27\u0e48\u0e32 Apache \u0e1a\u0e19\u0e40\u0e04\u0e23\u0e37\u0e48\u0e2d\u0e07\u0e04\u0e38\u0e13\u0e16\u0e39\u0e01\u0e15\u0e31\u0e49\u0e07\u0e04\u0e48\u0e32\u0e2d\u0e22\u0e48\u0e32\u0e07\u0e44\u0e23 \u2014 \u0e42\u0e14\u0e22\u0e17\u0e31\u0e48\u0e27\u0e44\u0e1b\u0e21\u0e31\u0e01\u0e08\u0e30\u0e2d\u0e22\u0e39\u0e48\u0e43\u0e19\u0e44\u0e1f\u0e25\u0e4c\u0e40\u0e2b\u0e25\u0e48\u0e32\u0e19\u0e35\u0e49:<\/p>\n\n\n\n
      \u0e15\u0e33\u0e41\u0e2b\u0e19\u0e48\u0e07\u0e44\u0e1f\u0e25\u0e4c\u0e2a\u0e33\u0e2b\u0e23\u0e31\u0e1a VirtualHost SSL<\/p>\n\n\n\n
      \u0e41\u0e1a\u0e1a\u0e17\u0e35\u0e48 1: \u0e41\u0e22\u0e01\u0e44\u0e1f\u0e25\u0e4c\u0e41\u0e15\u0e48\u0e25\u0e30 VirtualHost<\/p>\n\n\n
      \n\/etc\/httpd\/conf.d\/ssl.conf         \u2190 \u0e44\u0e1f\u0e25\u0e4c\u0e2b\u0e25\u0e31\u0e01\u0e2a\u0e33\u0e2b\u0e23\u0e31\u0e1a SSL (CentOS\/RHEL)\n<\/pre><\/div>\n\n\n
      \u0e41\u0e19\u0e30\u0e19\u0e33\u0e43\u0e2b\u0e49\u0e40\u0e1e\u0e34\u0e48\u0e21\u0e2b\u0e23\u0e37\u0e2d\u0e41\u0e01\u0e49\u0e44\u0e02 <VirtualHost *:443><\/code> \u0e43\u0e19\u0e44\u0e1f\u0e25\u0e4c\u0e19\u0e35\u0e49 \u0e2b\u0e23\u0e37\u0e2d\u0e2a\u0e23\u0e49\u0e32\u0e07\u0e44\u0e1f\u0e25\u0e4c\u0e43\u0e2b\u0e21\u0e48\u0e43\u0e19 \/etc\/httpd\/conf.d\/<\/code> \u0e40\u0e0a\u0e48\u0e19:<\/p>\n\n\n
      \n\/etc\/httpd\/conf.d\/chaiyakul-ssl.conf\n<\/pre><\/div>\n\n\n
      \u0e41\u0e1a\u0e1a\u0e17\u0e35\u0e48 2: \u0e23\u0e27\u0e21\u0e2d\u0e22\u0e39\u0e48\u0e43\u0e19 httpd.conf<\/p>\n\n\n
      \n\/etc\/httpd\/conf\/httpd.conf\n<\/pre><\/div>\n\n\n
      \u0e16\u0e49\u0e32\u0e21\u0e35\u0e01\u0e32\u0e23\u0e15\u0e31\u0e49\u0e07 SSL \u0e43\u0e19\u0e44\u0e1f\u0e25\u0e4c\u0e19\u0e35\u0e49 (\u0e44\u0e21\u0e48\u0e41\u0e19\u0e30\u0e19\u0e33) \u0e43\u0e2b\u0e49\u0e43\u0e2a\u0e48 <VirtualHost *:443><\/code> \u0e20\u0e32\u0e22\u0e43\u0e19\u0e2b\u0e23\u0e37\u0e2d Include<\/code> \u0e44\u0e1f\u0e25\u0e4c\u0e08\u0e32\u0e01 conf.d\/<\/code><\/p>\n\n\n\n
      \u2705 \u0e41\u0e19\u0e30\u0e19\u0e33<\/p>\n\n\n\n
      \u0e2a\u0e23\u0e49\u0e32\u0e07\u0e44\u0e1f\u0e25\u0e4c\u0e43\u0e2b\u0e21\u0e48\u0e43\u0e19 \/etc\/httpd\/conf.d\/<\/code> \u0e40\u0e1e\u0e37\u0e48\u0e2d\u0e41\u0e22\u0e01 site \u0e15\u0e48\u0e32\u0e07\u0e46 \u0e0a\u0e31\u0e14\u0e40\u0e08\u0e19 \u0e40\u0e0a\u0e48\u0e19:<\/p>\n\n\n
      \nsudo nano \/etc\/httpd\/conf.d\/chaiyakul-ssl.conf\n<\/pre><\/div>\n\n\n
      \u0e41\u0e25\u0e49\u0e27\u0e27\u0e32\u0e07 VirtualHost \u0e41\u0e1a\u0e1a\u0e19\u0e35\u0e49:<\/p>\n\n\n
      \n<VirtualHost *:443>\n    ServerName chaiyakul.com\n    ServerAlias www.chaiyakul.com\n\n    DocumentRoot \/var\/www\/html\/chaiyakul.com\n\n    SSLEngine on\n    SSLCertificateFile \/etc\/pki\/tls\/certs\/chaiyakul.com.crt\n    SSLCertificateKeyFile \/etc\/pki\/tls\/private\/chaiyakul.com.key\n\n    <Directory \/var\/www\/html\/chaiyakul.com>\n        Options -Indexes +FollowSymLinks\n        AllowOverride All\n    <\/Directory>\n\n    ErrorLog logs\/ssl_error_log\n    CustomLog logs\/ssl_access_log combined\n<\/VirtualHost>\n<\/pre><\/div>\n\n\n
      \u0e40\u0e2a\u0e23\u0e47\u0e08\u0e41\u0e25\u0e49\u0e27\u0e43\u0e2b\u0e49:<\/p>\n\n\n
      \nsudo apachectl configtest\nsudo systemctl restart httpd\n<\/pre><\/div>\n\n\n
      <\/p>\n","protected":false},"excerpt":{"rendered":"
      1.\u0e2a\u0e23\u0e49\u0e32\u0e07 directory \u0e40\u0e01\u0e47\u0e1a\u0e44\u0e1f\u0e25\u0e4c certificate (\u0e16\u0e49\u0e32\u0e22\u0e31\u0e07\u0e44\u0e21\u0e48\u0e21\u0e35) 2. […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_editorskit_title_hidden":false,"_editorskit_reading_time":0,"_editorskit_is_block_options_detached":false,"_editorskit_block_options_position":"{}","footnotes":""},"categories":[105],"tags":[],"class_list":["post-249","post","type-post","status-publish","format-standard","hentry","category-centos"],"_links":{"self":[{"href":"https:\/\/blog.chaiyakul.com\/index.php\/wp-json\/wp\/v2\/posts\/249","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.chaiyakul.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.chaiyakul.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.chaiyakul.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.chaiyakul.com\/index.php\/wp-json\/wp\/v2\/comments?post=249"}],"version-history":[{"count":2,"href":"https:\/\/blog.chaiyakul.com\/index.php\/wp-json\/wp\/v2\/posts\/249\/revisions"}],"predecessor-version":[{"id":251,"href":"https:\/\/blog.chaiyakul.com\/index.php\/wp-json\/wp\/v2\/posts\/249\/revisions\/251"}],"wp:attachment":[{"href":"https:\/\/blog.chaiyakul.com\/index.php\/wp-json\/wp\/v2\/media?parent=249"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.chaiyakul.com\/index.php\/wp-json\/wp\/v2\/categories?post=249"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.chaiyakul.com\/index.php\/wp-json\/wp\/v2\/tags?post=249"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}