Excellent works I'll be happy to see it included in Apache 2.0 distribution. With a few html/cgi stuff, it could be also used even by 'newbies'
- Henri Gomez ___[_]____ EMAIL : [EMAIL PROTECTED] (. .) PGP KEY : 697ECEDD ...oOOo..(_)..oOOo... PGP Fingerprint : 9DF8 1EA8 ED53 2F39 DC9B 904A 364F 80E6 >-----Original Message----- >From: MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1) >[mailto:[EMAIL PROTECTED]] >Sent: Friday, November 23, 2001 12:17 AM >To: MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1); 'Gomez Henri' >Cc: '[EMAIL PROTECTED]' >Subject: RE: SSL and certficates script > > >Okay.. here's a more refined version of the script - including >features for >client / ca certificate generation.. I've tried to keep it simple and >modular - pl. let me know if you have any feedback.. > >-Madhu > >-----Original Message----- >From: Gomez Henri [mailto:[EMAIL PROTECTED]] >Sent: Wednesday, November 21, 2001 3:30 PM >To: MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1) >Cc: '[EMAIL PROTECTED]' >Subject: RE: SSL and certficates script > > >En r�ponse � "MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)" ><[EMAIL PROTECTED]>: > >> The script is pretty similar to what we had for Apache >1.3.x.. You can >> get >> the usage details by "./mkcert.sh --help".. Pl. do let me know if the >> Usage >> details provided are not sufficient - I'll try to put in more details >> there.. > >I just want to say that this script is a SUPERB tool and everything >is present to have the graal of SSL certs. > >We need a tool to generate : > >1) a custom CA cert >2) custom server certs signed with that CA >3) client (browser) certs signed all with that CA > >What will give Apache 2.0 a decent simple "PKI" and which will >be very usefull for small companies... > > >> The creation of a self-signed CA and a certificate are both linked >> together >> - it can be created by "./mkcert.sh --custom" or "./mkcert.sh >> --type=custom".. >> >> Did you want to just create the self-signed CA certificate only, and >> NOT >> the >> server certificate ?.. If yes, then it's not possible with >the current >> script.. I'm trying to make it more modular, so that you can have a >> mix-n-match of the functions.. >> Also, I've changed the layout of the files to a certain extent - the >> .csr >> files now go into the conf/ssl.crt/ directory itself -if this is not >> okay, I >> can change it back to go to conf/ssl.csr/ > >The scripts I sent previously included code to generate the client >cert (PKCS12 format). I feel you have now everything to give AP2.0 >its own little Cert Agency :))))) > >Hope you could do that for us :) > > >- >Henri Gomez ___[_]____ >EMAIL : [EMAIL PROTECTED] (. .) >PGP KEY : 697ECEDD ...oOOo..(_)..oOOo... >PGP Fingerprint : 9DF8 1EA8 ED53 2F39 DC9B 904A 364F 80E6 > >
