Content Comparison

• Log into Snare Central as the user 'snare'
• Run the following command:
  • openssl req -new -newkey rsa:2048 -nodes -keyout snareserver.key -out snareserver.csr
    • NOTE: Your certificate provider may support key lengths greater than 2048 bytes.
    • This command begins the process of generating two files: the Private-Key file for the decryption of your SSL Certificate, and a certificate signing request (CSR) file (used to apply for your SSL Certificate) with the openssl tool.
    • When you are prompted for the Common Name, enter the fully qualified domain name for the site you are securing. If you are generating an Apache CSR for a Wildcard SSL Certificate, your common name should start with an asterisk (such as *.example.com).
    • You will then be prompted for your organizational information (including geographic location).
    • The file 'server.csr' will be created. Copy and paste the contents of this file, into the certificate order form of the organisation you will be purchasing your certificate from. You are likely to need to include the BEGIN and END sections of the content.
    • The snareserver.key file, will be required later, for certificate installation.
      • As a root-equivalent user (eg: sudo -s from the user snare), place the file into the directory /etc/apache2/ssl/

Although an upgrade to your Snare Central server will not overwrite your certificate, if the Apache configuration file needs to be updated for security or functionality reasons, there is a reasonable chance that your customisations to the Apache configuration file will be overwritten, returning your server back to a 'self signed' state.

After an update, please check your installation, and if required, reapply the 'Installation' information above.