[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-users] [raq2]SSL Virtual Site Setup
- Subject: [cobalt-users] [raq2]SSL Virtual Site Setup
- From: Joe Kerns <joe@xxxxxxxxxxxxx>
- Date: Mon May 22 17:16:58 2000
- Organization: JoltinJoe.Com
If you are setting up Virtual Hosts with the Cobalt SSL package, here's
how I successfully generated the key, csr, and test cert and restarted the httpsd server with fully functional sites (I setup more
than 1, this order worked for me, use your judgment):
Key
/usr/sbin/openssl genrsa -out
/etc/httpd/conf/ssl.key/www.whateverdomain.com.key 1024
CSR
/usr/sbin/openssl req -new -key
/etc/httpd/conf/ssl.key/www.somedomain.com.key -out
/etc/httpd/conf/ssl.csr/www.somedomain.com.csr
TestCert
/usr/sbin/openssl x509 -req -days 365 -in
/etc/httpd/conf/ssl.csr/www.somedomain.com.csr -signkey
/etc/httpd/conf/ssl.key/www.somedomain.com.key -out
/etc/httpd/conf/ssl.crt/www.somedomain.com.crt
These should all be on one line.
Then in httpsd.conf put this inside the <virtualhost> container
<VirtualHost www.somedomain.com:443>
DocumentRoot /home/sites/sitexx/secure
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/www.somedomain.com.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/www.somedomain.com.key
</VirtualHost>
Then restart httpsd
/etc/rc.d/init.d/httpsd restart
This worked for me, your mileage may vary. I asked if anyone knows the ramifications of adding v-sites without a PEM password, and
no one responded. I don't think it's a big deal because it still takes a password to start the server.
Hope this helps somebody and it ought to be a Knowledge Base article, because the one in the knowledge base isn't completely
correct (hint, hint, nudge, nudge, Jeff L.).
Joe