> An alternative would be to use mod_rewrite on the server and rewrite all
> requests for xxx.com to www.xxx.com, but I haven't got around to this
> yet, hopefully it will be a simple thing.
easy to do for http servers, several people have sent the rewrite
snippets. not really possible for ssl tho
> An alternative would be to use mod_rewrite on the server and rewrite all
> requests for xxx.com to www.xxx.com, but I haven't got around to this
> yet, hopefully it will be a simple thing.
easy to do for http servers, several people have sent the rewrite
snippets. not really possible for ssl tho
Quoting myself:
> Quoting Jeff ([EMAIL PROTECTED]):
> > * Important that during CSR the Common Name match the web server name
> > that browsers will use.
>
> Indeed. I've been intending to revise my article to insert mention of
> that fact. Thanks for the reminder.
Reviewing my article, I find
Quoting myself:
> Quoting Jeff ([EMAIL PROTECTED]):
> > * Important that during CSR the Common Name match the web server name
> > that browsers will use.
>
> Indeed. I've been intending to revise my article to insert mention of
> that fact. Thanks for the reminder.
Reviewing my article, I find
Nikolai Buer, 2003-11-04 14:50:28 +0100 :
> An alternative would be to use mod_rewrite on the server and rewrite all
> requests for xxx.com to www.xxx.com, but I haven't got around to this
> yet, hopefully it will be a simple thing.
ServerName www.domain.tld
ServerAlias domain.tld
RewriteE
Here comes answers from the main developer Tomas Gustavsson
//Henrik Andreasson
>>If your out to get a larger CA server (works for smaller installations
>>too) check out ejbca, build on Enterprise Java Beans.
>>
>>ejbca.sf.net / http://sourceforge.net/projects/ejbca
> Can you put some number
Nikolai Buer said the following on 04/11/03 13:46:
An alternative would be to use mod_rewrite on the server and rewrite
all requests for xxx.com to www.xxx.com, but I haven't got around to
this yet, hopefully it will be a simple thing.
This does it for me:
RewriteEngine on
RewriteCond %{HTTP_
Nikolai Buer, 2003-11-04 14:50:28 +0100 :
> An alternative would be to use mod_rewrite on the server and rewrite all
> requests for xxx.com to www.xxx.com, but I haven't got around to this
> yet, hopefully it will be a simple thing.
ServerName www.domain.tld
ServerAlias domain.tld
RewriteE
> * Important that during CSR the Common Name match the web server name that
> browsers will use: eg www.xxx.com otherwise clients will all display a warning
> that the server certificate does not match the name of the server.
Actually that's quite annoying. Some people like to skip www in the
nam
Here comes answers from the main developer Tomas Gustavsson
//Henrik Andreasson
>>If your out to get a larger CA server (works for smaller installations
>>too) check out ejbca, build on Enterprise Java Beans.
>>
>>ejbca.sf.net / http://sourceforge.net/projects/ejbca
> Can you put some number
Nikolai Buer said the following on 04/11/03 13:46:
An alternative would be to use mod_rewrite on the server and rewrite
all requests for xxx.com to www.xxx.com, but I haven't got around to
this yet, hopefully it will be a simple thing.
This does it for me:
RewriteEngine on
RewriteCond %{HTTP_HOST}
> * Important that during CSR the Common Name match the web server name that
> browsers will use: eg www.xxx.com otherwise clients will all display a warning
> that the server certificate does not match the name of the server.
Actually that's quite annoying. Some people like to skip www in the
nam
Henrik,
This actually looks to have a rather interesting feature set:
http://ejbca.sourceforge.net/aboutejb.htm
- would be interesting to have someone who actually uses it daily
tell us about what's fab and what's not?
- are you a user? can you comment?
At the moment, company policy preclu
Quoting Jeff ([EMAIL PROTECTED]):
> mmm - so the narrative talks about SERVER certs but the actual commands use
> CLIENT... the SERVER key, csr and crt are called Client.key Client.csr
> Client.crt - wouldn't it just be clearer to call them Server.key Server.csr
> and
> Server.crt?
Beats the he
- Original Message -
From: "Henrik Andreasson" <[EMAIL PROTECTED]>
To:
Sent: Tuesday, November 04, 2003 11:39 AM
Subject: Re: certificate server
>
> If your out to get a larger CA server (works for smaller installations
> too) check out ejbca, build on Enterprise Java Beans.
>
> ejbca
- Original Message -
From: "Rick Moen" <[EMAIL PROTECTED]>
To:
Sent: Tuesday, November 04, 2003 11:50 AM
Subject: Re: certificate server
> Quoting Jeff ([EMAIL PROTECTED]):
>
> > The use of Client is confusing - you actually appear to be generating
> > what I would call a self-signed se
If your out to get a larger CA server (works for smaller installations
too) check out ejbca, build on Enterprise Java Beans.
ejbca.sf.net / http://sourceforge.net/projects/ejbca
//Henrik Andreasson
Quoting Jeff ([EMAIL PROTECTED]):
> The use of Client is confusing - you actually appear to be generating
> what I would call a self-signed server certificate for installation on
> one specific webserver. This is for authenticating this signel Server
> to clients that browse your website using HTT
- Original Message -
From: "Rick Moen" <[EMAIL PROTECTED]>
To:
Sent: Tuesday, November 04, 2003 10:23 AM
Subject: Re: certificate server
>
> We'll generate three files, and end up using two of them. First, we
> generate the RSA keypair (client.key, which is in BASE64 PEM format,
> whic
Henrik,
This actually looks to have a rather interesting feature set:
http://ejbca.sourceforge.net/aboutejb.htm
- would be interesting to have someone who actually uses it daily
tell us about what's fab and what's not?
- are you a user? can you comment?
At the moment, company policy preclu
Quoting Jeff ([EMAIL PROTECTED]):
> mmm - so the narrative talks about SERVER certs but the actual commands use
> CLIENT... the SERVER key, csr and crt are called Client.key Client.csr
> Client.crt - wouldn't it just be clearer to call them Server.key Server.csr and
> Server.crt?
Beats the hell
- Original Message -
From: "Henrik Andreasson" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, November 04, 2003 11:39 AM
Subject: Re: certificate server
>
> If your out to get a larger CA server (works for smaller installations
> too) check out ejbca, build on Enterprise Jav
- Original Message -
From: "Rick Moen" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, November 04, 2003 11:50 AM
Subject: Re: certificate server
> Quoting Jeff ([EMAIL PROTECTED]):
>
> > The use of Client is confusing - you actually appear to be generating
> > what I would ca
If your out to get a larger CA server (works for smaller installations
too) check out ejbca, build on Enterprise Java Beans.
ejbca.sf.net / http://sourceforge.net/projects/ejbca
//Henrik Andreasson
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contac
Quoting Jeff ([EMAIL PROTECTED]):
> The use of Client is confusing - you actually appear to be generating
> what I would call a self-signed server certificate for installation on
> one specific webserver. This is for authenticating this signel Server
> to clients that browse your website using HTT
- Original Message -
From: "Rick Moen" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, November 04, 2003 10:23 AM
Subject: Re: certificate server
>
> We'll generate three files, and end up using two of them. First, we
> generate the RSA keypair (client.key, which is in BASE64
I will be happy to participate, until now, I have writed an personnal
how-to (in french)
I use only openssl for my certificates managment
--
/°> May the GNU/Linux be with you, young Jedi!
(V)_ delete remove_NO_1SPAM from email for reply
Le mar 04/11/2003 à 10:43, Jeff a écrit :
>
> I operate
Quoting Jeff ([EMAIL PROTECTED]):
> If you understand how a CA works, then its easy peasy. If not, you
> will need to understand how a CA works it before you dive in.
>
> The documentation is poor, and last I looked, there were not many
> examples - it seems to still have a whiff of the arcane.
Dear Sirs,
We are looking for a complete description (leaflet) in english for S3
Security Shoes, this means features, composition
of the shoe etc.
It would be very helpfull if could email me still today under:
[EMAIL PROTECTED]
Thanking in advance for your attention.
Best Regards
Paula Lopes
Hi,
There are also :
ElyCA :
http://eurodev.net/~pablo/ (the project has little hardware problems)
or http://freshmeat.net/projects/elyca/?topic_id=44
CSP: Certificate Service Provider :
http://devel.it.su.se/projects/CSP/
NewPKI :
http://www.newpki.org/
the site of PyCA is http://www.pyca.de/
I will be happy to participate, until now, I have writed an personnal
how-to (in french)
I use only openssl for my certificates managment
--
/°> May the GNU/Linux be with you, young Jedi!
(V)_ delete remove_NO_1SPAM from email for reply
Le mar 04/11/2003 à 10:43, Jeff a écrit :
>
> I operate
requirement:certificate authority
package:openssl
installation: apt-get install openssl
Openssl has all the functionality you need to create and operate your own
Certificate Authority.
Openssl can generate a self-signed certificate for the CA itself.
Openssl can generate and sign se
Quoting Jeff ([EMAIL PROTECTED]):
> If you understand how a CA works, then its easy peasy. If not, you
> will need to understand how a CA works it before you dive in.
>
> The documentation is poor, and last I looked, there were not many
> examples - it seems to still have a whiff of the arcane.
On Tue, 4 Nov 2003, rico wrote:
> Hello
>
> Do you know if exist a package that implements a certificate server (PKI) for
> debian, and where I can find it?
You might want to take a look at pyca, it is apt-get installable.
Another package I know of is openCA (www.openca.org), but that is not in
Dear Sirs,
We are looking for a complete description (leaflet) in english for S3
Security Shoes, this means features, composition
of the shoe etc.
It would be very helpfull if could email me still today under:
[EMAIL PROTECTED]
Thanking in advance for your attention.
Best Regards
Paula Lopes
Hi,
There are also :
ElyCA :
http://eurodev.net/~pablo/ (the project has little hardware problems)
or http://freshmeat.net/projects/elyca/?topic_id=44
CSP: Certificate Service Provider :
http://devel.it.su.se/projects/CSP/
NewPKI :
http://www.newpki.org/
the site of PyCA is http://www.pyca.de/
requirement:certificate authority
package:openssl
installation: apt-get install openssl
Openssl has all the functionality you need to create and operate your own
Certificate Authority.
Openssl can generate a self-signed certificate for the CA itself.
Openssl can generate and sign se
Hello
Do you know if exist a package that implements a certificate
server (PKI) for debian, and where I can find it?
Thank you very much!
On Tue, 4 Nov 2003, rico wrote:
> Hello
>
> Do you know if exist a package that implements a certificate server (PKI) for
> debian, and where I can find it?
You might want to take a look at pyca, it is apt-get installable.
Another package I know of is openCA (www.openca.org), but that is not in
Hello
Do you know if exist a package that implements a certificate
server (PKI) for debian, and where I can find it?
Thank you very much!
40 matches
Mail list logo
