Skip to content

Instantly share code, notes, and snippets.

@remy

remy/stunnel-rapidssl-howto.md

Last active December 17, 2015 03:49
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save remy/5546532 to your computer and use it in GitHub Desktop.
Save remy/5546532 to your computer and use it in GitHub Desktop.
Download ZIP
A walk through for me, on how to configure a server with SSL using RapidSSL and stunnel
Raw
stunnel-rapidssl-howto.md

Generate .csr and .key file

openssl req -new -newkey rsa:2048 -nodes -keyout headshots.leftlogic.com.key -out headshots.leftlogic.com.csr

Ensure the "common name" is the host you want to assign the certificate to (in my case it was headshots.leftlogic.com).

Paste the contents of the .csr file in to the .csr field in namecheap.com. Follow the authorisation emails from RapidSSL

Create the .crt file by combining the web server certificate and the imtermediate CA from RapidSSL (I've used cat), so the file looks like this:

-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----

Save this with the extension .crt.

Create the .pem file by adding the .key file to the top of the .crt file:

cat headshots.leftlogic.com.key > headshots.leftlogic.com.pem
cat headshots.leftlogic.com.crt >> headshots.leftlogic.com.pem

Add both files to the stunnel config:

cert=/etc/stunnel/headshots.leftlogic.com.pem
key=/etc/stunnel/headshots.leftlogic.com.key

pid = /headshots-stunnel4.pid

[https]
accept  = 443
connect = 9000

Restart stunnel

/etc/init.d/stunnel4 restart
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment