0

Recently i have created self signed ssl certificates with the following commands

STEP 1: Create the server private key

openssl genrsa -out main.key 2048

STEP 2: Create the certificate signing request (CSR)

openssl req -new -key main.key -out main.csr

STEP 3: Sign the certificate using the private key and CSR

openssl x509 -req -days 365 -in tls.csr -signkey main.key -out main.crt

i haven't added ssl certificate info, in to my apache default file in : site-enabled config folder

but after an apache restart it took effect and i am able get https connection, but with a warning.

now i want to remove those self signed certificate. is that possible ?

i tried to revoke those certificates with this command - openssl ca -config /root/tls/openssl.cnf -revoke /certs/server-1.crt

but the above command didnt work .

i am currently very new to ssl certificate generation. any help is appreciated.

Venigalla Shanmukha
  • 1
  • 1
  • 2
  • You can change your apache config to no longer use this cert&key (and either not use SSL/TLS at all, or use a different cert&key if you have/get one). You can delete the files, but if you do that without changing the apache config, apache won't start. You can't revoke a self-signed cert (no matter what software created it); only a cert issued under a CA can be revoked, and the entire purpose and point of a selfsigned cert is that it is NOT issued under a CA. And this isn't about programming or development; if you have a more specific, clear Q it would fit better on superuer. – dave_thompson_085 Sep 11 '21 at 14:33

0 Answers0