On Thu, 2003-03-27 at 17:57, David Guntner wrote:
> I've just installed ML 9.1 (and will be joining the club as soon as I've
> got 60 bucks free :), which installs Apache 2 by default. I don't mind
> using it (I think :), but I've got a question regarding configuring ssl for
> it.
>
> With Apache 1.3, it was fairly straight forward to configuring your own
> site certificiate with the stuff that appeared in the configuration
> directories. However, none of those directories or files seem to be
> present in Apache 2. At least, not in the places I'm looking for them. :-)
> So, does anyone know how to go about generating your own site certificate
> for use with Apache 2? As much detail as possible would be helpful. :-)
>
> Thanks in advance for any help.
>
> --Dave
Here is what I did with Apache 2.0.44 under Mandrake 9:
Creating and setting the key
.- create the key and request:
openssl req -new > mysite.csr
.- remove the passphrase from the key (optional. read about security
risks):
openssl rsa -in privkey.pem -out mysite.key
.- convert request into signed cert:
openssl x509 -in mysite.csr -out mysite.cert -req -signkey mysite.key
\ -days 365
The Apache-SSL directives that you need to use the resulting cert are:
SSLCertificateFile /path/to/certs/new.cert.cert
SSLCertificateKeyFile /path/to/certs/new.cert.key
I created the subfolder /usr/local/apache2/certs and copied mysite.cert
and mysite.key to it.
If you are going to use virtual hosts, enter in httpd.conf
NameVirtualHost *:80
<VirtualHost *:80>
<IfDefine SSL>
SSLEngine off
</IfDefine>
DocumentRoot /your/web/site/root/
ServerName www.yoursitename.com
ServerAdmin [EMAIL PROTECTED]
</VirtualHost>
This is only needed if your site is going to have secure and insecure
pages.
.- In ssl.conf
<VirtualHost _default_:443>
DocumentRoot /mnt/windows/snc/codigo
#ServerName cualquier_cosa_pues_esta_comentada
ServerAdmin [EMAIL PROTECTED]
#.. rest of virtual host settings
# Server Certificate:
SSLCertificateFile /usr/local/apache2/certs/yoursite.cert
# Server Private Key:
SSLCertificateKeyFile /usr/local/apache2/certs/yoursite.key
.- Start apache using:
/usr/local/apache2/bin/apachectl -D SSL -k start
HTH
--
__
/ \\ @ __ __ @ Adolfo Bello <[EMAIL PROTECTED]>
/ // // /\ / \\ // \ // Bello Ingenieria S.A, ICQ: 65910258
/ \\ // / \\ / // // / // celular: +58 416 609-6213
/___// // / <_/ \__\\ //__/ // fax : +58 212 952-6797
www.bisapi.com // pager : [EMAIL PROTECTED]
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
