On Tue, 4 Nov 2003 15:21:14 +0100 (CET), Henrik Andreasson wrote:
>Here comes answers from the main developer Tomas Gustavsson
>
>//Henrik Andreasson
>
>>>If your out to get a larger CA server (works for smaller installations
>>>too) check out ejbca, build on Enterprise Java Beans.
>>>
>>>ejbca.sf
On Tue, 4 Nov 2003 15:21:14 +0100 (CET), Henrik Andreasson wrote:
>Here comes answers from the main developer Tomas Gustavsson
>
>//Henrik Andreasson
>
>>>If your out to get a larger CA server (works for smaller installations
>>>too) check out ejbca, build on Enterprise Java Beans.
>>>
>>>ejbca.sf
> An alternative would be to use mod_rewrite on the server and rewrite all
> requests for xxx.com to www.xxx.com, but I haven't got around to this
> yet, hopefully it will be a simple thing.
easy to do for http servers, several people have sent the rewrite
snippets. not really possible for ssl tho
> An alternative would be to use mod_rewrite on the server and rewrite all
> requests for xxx.com to www.xxx.com, but I haven't got around to this
> yet, hopefully it will be a simple thing.
easy to do for http servers, several people have sent the rewrite
snippets. not really possible for ssl tho
Quoting myself:
> Quoting Jeff ([EMAIL PROTECTED]):
> > * Important that during CSR the Common Name match the web server name
> > that browsers will use.
>
> Indeed. I've been intending to revise my article to insert mention of
> that fact. Thanks for the reminder.
Reviewing my article, I find
Quoting myself:
> Quoting Jeff ([EMAIL PROTECTED]):
> > * Important that during CSR the Common Name match the web server name
> > that browsers will use.
>
> Indeed. I've been intending to revise my article to insert mention of
> that fact. Thanks for the reminder.
Reviewing my article, I find
Nikolai Buer, 2003-11-04 14:50:28 +0100 :
> An alternative would be to use mod_rewrite on the server and rewrite all
> requests for xxx.com to www.xxx.com, but I haven't got around to this
> yet, hopefully it will be a simple thing.
ServerName www.domain.tld
ServerAlias domain.tld
RewriteE
Here comes answers from the main developer Tomas Gustavsson
//Henrik Andreasson
>>If your out to get a larger CA server (works for smaller installations
>>too) check out ejbca, build on Enterprise Java Beans.
>>
>>ejbca.sf.net / http://sourceforge.net/projects/ejbca
> Can you put some number
Nikolai Buer said the following on 04/11/03 13:46:
An alternative would be to use mod_rewrite on the server and rewrite
all requests for xxx.com to www.xxx.com, but I haven't got around to
this yet, hopefully it will be a simple thing.
This does it for me:
RewriteEngine on
RewriteCond %{HTTP_
Nikolai Buer, 2003-11-04 14:50:28 +0100 :
> An alternative would be to use mod_rewrite on the server and rewrite all
> requests for xxx.com to www.xxx.com, but I haven't got around to this
> yet, hopefully it will be a simple thing.
ServerName www.domain.tld
ServerAlias domain.tld
RewriteE
> * Important that during CSR the Common Name match the web server name that
> browsers will use: eg www.xxx.com otherwise clients will all display a warning
> that the server certificate does not match the name of the server.
Actually that's quite annoying. Some people like to skip www in the
nam
Here comes answers from the main developer Tomas Gustavsson
//Henrik Andreasson
>>If your out to get a larger CA server (works for smaller installations
>>too) check out ejbca, build on Enterprise Java Beans.
>>
>>ejbca.sf.net / http://sourceforge.net/projects/ejbca
> Can you put some number
Nikolai Buer said the following on 04/11/03 13:46:
An alternative would be to use mod_rewrite on the server and rewrite
all requests for xxx.com to www.xxx.com, but I haven't got around to
this yet, hopefully it will be a simple thing.
This does it for me:
RewriteEngine on
RewriteCond %{HTTP_HOST}
> * Important that during CSR the Common Name match the web server name that
> browsers will use: eg www.xxx.com otherwise clients will all display a warning
> that the server certificate does not match the name of the server.
Actually that's quite annoying. Some people like to skip www in the
nam
any policy precludes J2EE on any server, even the
CA server, so I would need some powerful arguments even to give it
a spin...
- Original Message -
From: "Jeff" <[EMAIL PROTECTED]>
To:
Sent: Tuesday, November 04, 2003 12:16 PM
Subject: Re: certificate server
> - O
Quoting Jeff ([EMAIL PROTECTED]):
> mmm - so the narrative talks about SERVER certs but the actual commands use
> CLIENT... the SERVER key, csr and crt are called Client.key Client.csr
> Client.crt - wouldn't it just be clearer to call them Server.key Server.csr
> and
> Server.crt?
Beats the he
- Original Message -
From: "Henrik Andreasson" <[EMAIL PROTECTED]>
To:
Sent: Tuesday, November 04, 2003 11:39 AM
Subject: Re: certificate server
>
> If your out to get a larger CA server (works for smaller installations
> too) check out ejbca, build
- Original Message -
From: "Rick Moen" <[EMAIL PROTECTED]>
To:
Sent: Tuesday, November 04, 2003 11:50 AM
Subject: Re: certificate server
> Quoting Jeff ([EMAIL PROTECTED]):
>
> > The use of Client is confusing - you actually appear to be generating
> &g
If your out to get a larger CA server (works for smaller installations
too) check out ejbca, build on Enterprise Java Beans.
ejbca.sf.net / http://sourceforge.net/projects/ejbca
//Henrik Andreasson
Quoting Jeff ([EMAIL PROTECTED]):
> The use of Client is confusing - you actually appear to be generating
> what I would call a self-signed server certificate for installation on
> one specific webserver. This is for authenticating this signel Server
> to clients that browse your website using HTT
- Original Message -
From: "Rick Moen" <[EMAIL PROTECTED]>
To:
Sent: Tuesday, November 04, 2003 10:23 AM
Subject: Re: certificate server
>
> We'll generate three files, and end up using two of them. First, we
> generate the RSA keypair (client.key,
any policy precludes J2EE on any server, even the
CA server, so I would need some powerful arguments even to give it
a spin...
- Original Message -
From: "Jeff" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, November 04, 2003 12:16 PM
Subject: Re: certi
Quoting Jeff ([EMAIL PROTECTED]):
> mmm - so the narrative talks about SERVER certs but the actual commands use
> CLIENT... the SERVER key, csr and crt are called Client.key Client.csr
> Client.crt - wouldn't it just be clearer to call them Server.key Server.csr and
> Server.crt?
Beats the hell
- Original Message -
From: "Henrik Andreasson" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, November 04, 2003 11:39 AM
Subject: Re: certificate server
>
> If your out to get a larger CA server (works for smaller installations
> too) check
- Original Message -
From: "Rick Moen" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, November 04, 2003 11:50 AM
Subject: Re: certificate server
> Quoting Jeff ([EMAIL PROTECTED]):
>
> > The use of Client is confusing - you actually appear
If your out to get a larger CA server (works for smaller installations
too) check out ejbca, build on Enterprise Java Beans.
ejbca.sf.net / http://sourceforge.net/projects/ejbca
//Henrik Andreasson
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contac
Quoting Jeff ([EMAIL PROTECTED]):
> The use of Client is confusing - you actually appear to be generating
> what I would call a self-signed server certificate for installation on
> one specific webserver. This is for authenticating this signel Server
> to clients that browse your website using HTT
- Original Message -
From: "Rick Moen" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, November 04, 2003 10:23 AM
Subject: Re: certificate server
>
> We'll generate three files, and end up using two of them. First, we
> generate the
I will be happy to participate, until now, I have writed an personnal
how-to (in french)
I use only openssl for my certificates managment
--
/°> May the GNU/Linux be with you, young Jedi!
(V)_ delete remove_NO_1SPAM from email for reply
Le mar 04/11/2003 à 10:43, Jeff a écrit :
>
> I operate
Quoting Jeff ([EMAIL PROTECTED]):
> If you understand how a CA works, then its easy peasy. If not, you
> will need to understand how a CA works it before you dive in.
>
> The documentation is poor, and last I looked, there were not many
> examples - it seems to still have a whiff of the arcane.
a package that implements a certificate server (PKI)
> > for debian, and where I can find it?
>
> You might want to take a look at pyca, it is apt-get installable.
>
> Another package I know of is openCA (www.openca.org), but that is not in
> the packages list.
>
> Grx HdV
>
I will be happy to participate, until now, I have writed an personnal
how-to (in french)
I use only openssl for my certificates managment
--
/°> May the GNU/Linux be with you, young Jedi!
(V)_ delete remove_NO_1SPAM from email for reply
Le mar 04/11/2003 à 10:43, Jeff a écrit :
>
> I operate
eft in it]
HIH,
Jeff
- Original Message -
From: "rico" <[EMAIL PROTECTED]>
To:
Sent: Tuesday, November 04, 2003 8:43 AM
Subject: certificate server
Hello
Do you know if exist a package that implements a certificate server (PKI) for
debian, and where I can find it?
Thank you very much!
Quoting Jeff ([EMAIL PROTECTED]):
> If you understand how a CA works, then its easy peasy. If not, you
> will need to understand how a CA works it before you dive in.
>
> The documentation is poor, and last I looked, there were not many
> examples - it seems to still have a whiff of the arcane.
On Tue, 4 Nov 2003, rico wrote:
> Hello
>
> Do you know if exist a package that implements a certificate server (PKI) for
> debian, and where I can find it?
You might want to take a look at pyca, it is apt-get installable.
Another package I know of is openCA (www.openca.org), but
a package that implements a certificate server (PKI) for
> > debian, and where I can find it?
>
> You might want to take a look at pyca, it is apt-get installable.
>
> Another package I know of is openCA (www.openca.org), but that is not in
> the packages list.
>
> Grx
eft in it]
HIH,
Jeff
- Original Message -
From: "rico" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, November 04, 2003 8:43 AM
Subject: certificate server
Hello
Do you know if exist a package that implements a certificate server (PKI) for
debian, and
Hello
Do you know if exist a package that implements a certificate
server (PKI) for debian, and where I can find it?
Thank you very much!
On Tue, 4 Nov 2003, rico wrote:
> Hello
>
> Do you know if exist a package that implements a certificate server (PKI) for
> debian, and where I can find it?
You might want to take a look at pyca, it is apt-get installable.
Another package I know of is openCA (www.openca.org), but
Hello
Do you know if exist a package that implements a certificate
server (PKI) for debian, and where I can find it?
Thank you very much!
40 matches
Mail list logo
