Hi there. ... I use my own CA to sign my SSL certificates, so I have a slightly modified apache2_plugin.inc.php Code: //exec("openssl req -x509 -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -in $csr_file -out $crt_file -days $ssl_days -config $config_file"); // HERE comes the only important modification. We sign the CRT file with our own CA! exec("openssl ca -batch -out $crt_file -config /etc/pki/CA-lab/openssl.cnf -passin pass:$cert_password -in $csr_file"); (It looks better to have the 4 calls separated with 4 exec calls. ) To make the code clean and update friendly, IMO this call should be stored in some external config-like file, that does not get overwritten in an update. What is the main developer's opinion on this? Greetings and respect! ..