
Re: [cobalt-users] Apology and SSL FIXED



> So I've decided an apology is in order.  I should probably only make
> such posts on lists I own myself.
>
> I am sorry if I offended anyone.

I would have to say that anyone that has a problem with Jeff's post is outta order. The occasional off-topic post from someone
who is helpful can be overlooked. Get a grip people. Sheesh. While I don't always care for the wry grins or ever so close to
condescending tone from time to time, Jeff is pretty helpful. If some jack-aXx who never helped out posted something off-topic
it would be worthy of getting all lathered up over. Cut the folks that help the list along some slack and quit being so petty.

Now, here's the solution to my previous posts:

When generating the Private Key for a virtual site, editing the Makefile that comes with httpsd seems to nub up the process.  I
used the following commands and it worked out.

Is it a security hole to not have a password for virtual sites? httpsd starts with a password, so I surmised (right or wrong)
that this makes it fairly secure. Any thoughts?

If you are setting up Virtual Hosts with the Cobalt SSL package, here's how you generate the key, csr, and test cert:

Key
/usr/sbin/openssl genrsa -out /etc/httpd/conf/ssl.key/www.somedomain.com.key 1024

CSR
/usr/sbin/openssl req -new -key /etc/httpd/conf/ssl.key/www.somedomain.com.key -out /etc/httpd/conf/ssl.csr/www.somedomain.com.csr

TestCert
/usr/sbin/openssl x509 -req -days 365 -in /etc/httpd/conf/ssl.csr/www.somedomain.com.csr -signkey /etc/httpd/conf/ssl.key/www.somedomain.com.key -out /etc/httpd/conf/ssl.crt/www.somedomain.com.crt

These should all be on one line.

Then in httpsd.conf put this inside the <virtualhost> container

<VirtualHost www.somedomain.com:443>
DocumentRoot /home/sites/sitexx/secure
SSLEngine on
SSLCertificateFile    /etc/httpd/conf/ssl.crt/www.somedomain.com.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/www.somedomain.com.key
</VirtualHost>

Then restart httpsd
/etc/rc.d/init.d/httpsd restart

I'm going to re-post this so the subject is searchable in the archives and I would make this a knowledge base entry as well.

Joe
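
Added example, not part of the original post: the genrsa command above writes the key with no passphrase, so on disk it is protected only by file ownership and mode. This shell check reports, for each key file, whether it is passphrase-protected and whether anyone other than the owner can access it. The function names are hypothetical and chosen for this example.

```shell
#!/bin/sh
# Added example: audit private keys such as those under /etc/httpd/conf/ssl.key/.
# A key written by "openssl genrsa" without a cipher option carries no passphrase,
# so file ownership and mode are the only things protecting it on disk.

# Return 0 if the PEM file is passphrase-protected (traditional or PKCS#8 form).
key_is_encrypted() {
    grep -Eq '^(Proc-Type: 4,ENCRYPTED|-----BEGIN ENCRYPTED PRIVATE KEY-----)' "$1"
}

# Return 0 if group and other have no permission bits on the file.
key_perms_tight() {
    [ "$(ls -lLd "$1" | cut -c5-10)" = "------" ]
}

# Print one verdict line per key; return 1 for a plaintext key others can access.
audit_key() {
    if [ ! -f "$1" ]; then
        echo "MISSING $1"; return 2
    fi
    if key_is_encrypted "$1"; then enc=encrypted; else enc=plaintext; fi
    if key_perms_tight "$1"; then perm=owner-only; else perm=group/world-accessible; fi
    if [ "$enc" = plaintext ] && [ "$perm" != owner-only ]; then
        echo "FAIL $1 ($enc, $perm): chmod 600 and chown root"
        return 1
    fi
    echo "OK   $1 ($enc, $perm)"
}

# Audit every key named on the command line; return non-zero if any fails.
audit_all() {
    rc=0
    for k in "$@"; do audit_key "$k" || rc=1; done
    return $rc
}

if [ "$#" -gt 0 ]; then audit_all "$@"; fi
```

Run it as root with the key paths as arguments, for example every file in the ssl.key directory used above.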