You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Galaxy Virus <ga...@yahoo.com> on 2007/08/27 08:02:23 UTC
[users@httpd] configuring SSL
Dear all,
To get private key and certificate, I did,
$ openssl req -new -x509 -newkey rsa:2048 -out host_req.pem -keyout host_key.pem
And I sent certificate (host_req.pem) to CA in order to get real certificate and they sent me back the singed certificate.
>From there, I dont know how to configure this certificate and key in apache.
Could you please explain me how to do it or give me a link? Although I read http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#aboutcerts , I didnt get how to make configuration.
regards,
galaxy
---------------------------------
Shape Yahoo! in your own image. Join our Network Research Panel today!
Re: [users@httpd] configuring SSL
Posted by Galaxy Virus <ga...@yahoo.com>.
Thank you so much for your reply. I got it. But I have still some problems.
1) Our MoCA organisation issued sequrity certificate for everyone who is the member of that organisation. The members used their own file to browse the www.123.com.
2) I made new server hosting www.abc.com and I generated hostreq.pem file and sent it to MoCA to get signed CA certificate file. After I got it, I made configuration as you explained.
It works!
But the other members browse www.abc.com, they will use their own certificate file issed by the MoCA. It doesnt work.
Frankly speaking, I just know server.key and server.cert file since I found many docs mentioned about ssl configuration. I dont see the case for the users who will also use their certificates file.
Please help me as soon as possible.
regards,
galaxy
---------------------------------
Boardwalk for $500? In 2007? Ha!
Play Monopoly Here and Now (it's updated for today's economy) at Yahoo! Games.
Re: [users@httpd] configuring SSL
Posted by Brian Munroe <br...@gmail.com>.
On 8/26/07, Galaxy Virus <ga...@yahoo.com> wrote:
> Dear all,
>
> To get private key and certificate, I did,
>
> $ openssl req -new -x509 -newkey rsa:2048 -out host_req.pem -keyout
> host_key.pem
>
> And I sent certificate (host_req.pem) to CA in order to get real certificate
> and they sent me back the singed certificate.
>
> From there, I dont know how to configure this certificate and key in apache.
Assuming you are using a stock Apache 2.0.
in $APACHE_HOME/conf, there should be a httpd.conf file, Open it and
make sure there is the following line somewhere near the top:
LoadModule ssl_module modules/mod_ssl.so
In $APACHE_HOME/conf, there should also be a ssl.conf file. Open it
and find the two lines:
SSLCertificateFile /path/to/this/server.crt
SSLCertificateKeyFile /path/to/this/server.key
Change the SSLCertificateFile entry to point to signed certificate you
got from the CA. I like to put a *.crt on the end of these files.
Change the SSLCertificateKeyFile entry to point to your signing key,
which in you example above is host_key.perm.
Now start apache with SSL by issuing:
$ apachectl startssl
That is the very basics - I assumed you had the default install, so if
your configuration varies much, this may not work for you.
-- brian
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org