A question about the “localhost.key” and “localhost.crt” files.

Jason Long hack3rcon at yahoo.com
Fri Sep 4 10:20:17 UTC 2020

I think “localhost.crt” and “localhost.key” files using by Apache and they are mandatory for get a HTTPS certificate. Some tools like "Certbot" need them.
If these files deleted then how can I regenerate them? Is below command OK?

# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/pki/tls/private/localhost.key -out /etc/ssl/certs/localhost.crt

I found "/usr/libexec/httpd-ssl-gencerts" tool. Is it OK too?

The "localhost" is the name of my server? If my server name in "/etc/hosts" file is "my-example.net" then these files name must be "my-example.net.key" and "my-example.net.crt" ?

I'm thankful if anyone answer to my questions clearly.

Thank you.

More information about the openssl-users mailing list