Toto

Asked: 2012-02-24 09:44:45 +0800 CST2012-02-24 09:44:45 +0800 CST 2012-02-24 09:44:45 +0800 CST

Where should an Apache SSL certificate be generated?

772

I see different locations to store self-signed SSL certificates for Apache.

Which one should be used in which case?

/etc/ssl/certs/ (pem file) + /etc/ssl/private/ (for key file)
/etc/apache2/ssl/

1 Answers

Voted

Best Answer

ceejayoz
2012-02-24T10:21:08+08:002012-02-24T10:21:08+08:00
They can be anywhere you like. /my/secret/porn/folder/just/kidding will work. Just make sure they're locked down so other users on the server can't read them.

I personally prefer the /etc/ssl/certs and /etc/ssl/keys approach, as I might switch to nginx or something - SSL certs aren't tied to a particular piece of server software. I've also seen them placed in the site's folder (i.e. /srv/domain.com/ssl), which can be nice organizationally.
4

Web Analytics Made Easy - Statcounter