24.7. Securing OpenSSL

Make your keys Read and Write only by the super-user root. This is important because no one needs to touch these files. use the following commands:


[root@deep] /# chmod 600  /etc/ssl/certs/ca.crt
[root@deep] /# chmod 600  /etc/ssl/certs/server.crt
[root@deep] /# chmod 600  /etc/ssl/private/ca.key
[root@deep] /# chmod 600  /etc/ssl/private/server.key

Some possible uses of OpenSSL software, for example OpenSSL can be used to:

  1. Create your own Certificate Server.

  2. Provide data confidentiality, integrity, authentication, and electronic signature in transmission for the users.

  3. Secure electronic commerce transactions.