[GLLUG] Apache-SSL

Dpk dpk@egr.msu.edu
Tue, 16 Apr 2002 12:16:56 -0400

Previous message: [GLLUG] Apache-SSL
Next message: [GLLUG] Apache-SSL
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Apr 16, 2002 at 12:08:29PM -0400, Mike Szumlinski wrote:

   Has anyone set up a secure VirtualHost using apache13 on FreeBSD? I
   can't seem to find a good howto out there anywhere. I have it
   compiled and installed, but I can't figure out how to generate
   certificates and turn on the SSL VirtualHost (my primary host works
   fine)
   
The apache-ssl/mod-ssl and openssl websites should provide you with
this information.  If you have problems, this should get you
started...  To enerate a self-signed certificate:

openssl  md5 * > rand.dat
openssl req -new -rand rand.dat > www.csr
openssl rsa -in privkey.pem -out www.key
openssl x509 -in www.csr -out www.cert -req -signkey www.key -days 365

I would highly recommend using mod-ssl over apache-ssl... you can
search sunmanagers.org for the numerous reasons to do so.  Using
mod-ssl, the directives you will want to add to the VirtualHost:

SSLEngine on
SSLVerifyClient 0
SSLVerifyDepth 10
SSLCertificateKeyFile /usr/local/apache/certs/www.key
SSLCertificateFile /usr/local/apache/certs/www.cert
SSLCACertificatePath /usr/local/apache/certs

Hope this helps.

Dpk

Previous message: [GLLUG] Apache-SSL
Next message: [GLLUG] Apache-SSL
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]