Re: installed ... now what? (looking for step x step docs)

Thu, 21 Oct 1999 03:39:17 -0700 

Ok, some answers from newbie to newbie. I hope they are correct - if not
please correct me.

You have to create only a cert-request and send it to a Trust-Center (CA).
They will sign it and return it to you.
# openssl genrsa -des3 -out MyKey.pem -rand file1:file2:... 1024
# openssl req -new -key MyKey.pem -out MyReq.pem
you have to answer some Questions about the cert. Look at the Policy of
your Trust-Center (Server-Cert: CommonName has to be SSL-server-name)

Doing so you get two things:
MyKey.pem: A DES-encrypted Key - keep it save
MyReq.pem: A cert-request - send it to your CA
The CA will return a Certificate.
Copy your Key and the Cert to the Certs-Directory of your Webserver and cat
them into one file, the server-certificate; replace the demo-cert.
If you are starting the Server, you have to enter the pass-phrase of your key.


Bye,
Florian
*******************************************++
At 23:56 20.10.99 PDT, you wrote:
>I installed apache during the freeBSD post-install configuration, and then 
>after the reboot, I installed openssl from the ports collection (after 
>installing rsaref, of course)
>
>All went well.  So theoretically, I now have a working web server (yes, the 
>web server works - I got the apache congrats message) with SSL capability.  
>Two questions:
>
>1. apache (i assume) needs to know that SSL is there ... when I installed 
>SSL (went into ports and ran 'make install') did it 'mesh'/integrate itself 
>into apache?  Or do I need to do something?
>
>2. How do I use it?  I assume I need to, first, generate some keys to send 
>to a CA, and then install the keys the CA gives me, and then finally set 
>some directories/files to be SSL-required only, and then I am in business 
>... I have not found a step by step file explaining how to do this yet.  Can 
>someone point me to one?
>
>thanks,
>
>john
>
>______________________________________________________
>Get Your Private, Free Email at http://www.hotmail.com
>______________________________________________________________________
>OpenSSL Project                                 http://www.openssl.org
>User Support Mailing List                    [EMAIL PROTECTED]
>Automated List Manager                           [EMAIL PROTECTED]
>
 
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to