On Fri, 30 Jul 1999, Holger Reif wrote:
> Steven J Sobol schrieb:
> >
> > On Thu, Jul 29, 1999 at 05:03:20PM +1000, Damien Miller wrote:
> >
> > > > You can have a look at the mkcert.sh script of mod_ssl. This might
> > > > be a good starter.
> > >
> > > ... or better yet, the CA.pl included with OpenSSL
> >
> > The script itself seems to work well, but for some reason Apache doesn't
> > like the server certificates it generates... I do an "httpd restart"
> > and the web server starts back up, and waits for a pass phrase for the
> > certificate, and waits, and waits, and waits...
>
> The server key is password protected. You didn'T mention
> your server sw but it is for sure in the FAQ. Here is a short
> solution:
>
> openssl rsa -in your_server.key -out your_server_key_wo_passpharse.key
I modify CA.pl and add the following lines:
} elsif (/^-newreq-no-pw$/) {
# create a certificate request
system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS");
$RET=$?;
print "Request (and private key) is in newreq.pem\n";
To generate a unencrypted certificate request.
Regards,
Damien Miller
--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.ilogic.com.au/~dmiller
| Email: [EMAIL PROTECTED] (home) -or- [EMAIL PROTECTED] (work)
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
