Dann Daggett wrote:
My apologies for being so ignorant. ...
Ignorance requires no apologies when it presents questions
rather than assertions.
Regards,
kudzu
__
OpenSSL Project http://www.openssl.
Hi Dann,
On September 5, 2003 08:08 pm, Dann Daggett wrote:
> But your answer brings up yet another question :) Most people do not
> have their own certificate, yet are able to do https transactions with
> secure web servers. Does each browser have a default certificate it
> presents in this case?
> Then the contents of the /certs directory just doesn't matter,
> since the OpenSSL library is being explicitly told where the
> certificates are to be found.
>
> It all depends on what you want to do.
I need to do it all. After apache for secure transactions, I want to
use my own certs to allo
> > However, I still don't know about the empty /certs directory. Am I
supposed
> > to copy /usr/local/src/openssl-0.9.7b/certs/ to /usr/local/ssl/certs? It
> > seems strange that the install script wouldn't have done that as well if
it
> > were needed.
>
> Well you copy the ones that are relevant
Dann Daggett wrote:
However, I still don't know about the empty /certs directory. Am I supposed
to copy /usr/local/src/openssl-0.9.7b/certs/ to /usr/local/ssl/certs? It
seems strange that the install script wouldn't have done that as well if it
were needed.
Well, it depends on what you want to do.
On Fri, Sep 05, 2003, Dann Daggett wrote:
>
> However, I still don't know about the empty /certs directory. Am I supposed
> to copy /usr/local/src/openssl-0.9.7b/certs/ to /usr/local/ssl/certs? It
> seems strange that the install script wouldn't have done that as well if it
> were needed.
>
Wel
> > I'm hesitant to start giving read access to all the
> > application's "run as" users to the ssl directories.
> > Consequently Im wondering wehter the openssl
> > libs have root access even though Apache might be running
> > as "nobody"? Or, do I duplicate all the certs
> > in each app's respe
In my setup, I installed openssl to /usr/local/ssl. In that dir there is a
/certs directory which is empty. However, in my source dir
/usr/local/src/openssl-0.9.7b/certs/ there over 20 .pem files (and their
associated hashes) which look to be the trusted root certificates. Should
those be copied to
