AWS linux documentation change
Summary
Added explicit documentation about generated SSL certificate/key files and their paths
Security assessment
Improves documentation clarity around SSL/TLS implementation details but does not address vulnerabilities. Enhanced security documentation helps users properly configure encryption.
Diff
diff --git a/linux/al2023/ug/SSL-on-amazon-linux-2023.md b/linux/al2023/ug/SSL-on-amazon-linux-2023.md index 272552d32..e2ec7d004 100644 --- a//linux/al2023/ug/SSL-on-amazon-linux-2023.md +++ b//linux/al2023/ug/SSL-on-amazon-linux-2023.md @@ -97 +97,7 @@ The `-y` option installs the updates without asking for confirmation. If you wou -This generates a new file `apache-selfsigned.crt` in the `/etc/pki/tls/certs/` directory. The specified file name matches the default that is assigned in the **SSLCertificateFile** directive in `/etc/httpd/conf.d/ssl.conf`. +This generates two files: + + * `/etc/pki/tls/private/apache-selfsigned.key` (the private key) + + * `/etc/pki/tls/certs/apache-selfsigned.crt` (the self-signed certificate) + +The certificate file name matches the default that is assigned in the **SSLCertificateFile** directive in `/etc/httpd/conf.d/ssl.conf`. @@ -107 +113,3 @@ The configuration file for mod_ssl. It contains _directives_ telling Apache wher -This file contains both a self-signed certificate and the certificate's private key. Apache requires the certificate and key to be in PEM format, which consists of Base64-encoded ASCII characters framed by "BEGIN" and "END" lines, as in the following abbreviated example. + * `/etc/pki/tls/private/apache-selfsigned.key` + +The `.crt` file contains the self-signed certificate and the `.key` file contains the private key. Apache requires the certificate and key to be in PEM format, which consists of Base64-encoded ASCII characters framed by "BEGIN" and "END" lines, as in the following abbreviated example.