On Sat, Aug 03, 2002 at 05:26:54PM +0200, Teun Vink wrote: > You can do 2 things: buy a certificate from a trusted party (e.g. Thawte > or OpenSRS), or use an unsigned certificate. You can create an unsigned > certificate yourself, but visitors of the https-site will be notified that > the cert is unsigned. A certificate should cost you somewhere between $100 > and $200 a year...
To be exact, the certificate is signed in both cases, the difference is in the signing authority. Thawte, Verisign are trusted (in theory), your own CA (Certificate Authority) if not trusted, and that's why most browsers complain when entering such a website. > Installing isn't that hard. Just run "apt-get apache-ssl", and check > http://www.apache-ssl.org for information on configuring SSL if you want > to use apache-ssl. Or http://www.modssl.org/ for its competitor :) Actually the documentation on that website is precise and easy, but the process of generating a self-signed certificate requires several runs of openssl with special parameters. Eventually, I wrote a simple script to make it easier. Marcin
