Creating a server certificate
Hi, https is working!!! Actually both http n https are working. Now im passing to the stage of creating a server certificate with the mod-ssl module. From the README.GlobalID file, there are 5 steps. The 1st step being: 1. You have to create a standard CA certificate Suppose to use the shell script gid-mkcert.sh in the /mod_ssl-2.2.3-1.3.4/pkg.contrib directory. However, running it yields gid-mkcert.sh: /sw/pkg/ssleay/bin/ssleay: not found mkgid.sh:Error: Failed to generate RSA private key Now, i dont even have a sw directory on my server! Running a find / -name ssleay -print yields /usr/local/ssl/bin/ssleay /opt/apache/SSLeay-0.9.0b/apps/ssleay In the gid-mkcert.sh file, i can see ssleay="/sw/pkg/ssleay/bin/ssleay" - i guess can be replaced by /opt/apache/SSLeay-0.9.0b/apps/ssleay cafix="/sw/pkg/ssleay/bin/ca-fix" pkcs12="/sw/pkg/ssleay/bin/pkcs12" Running a find / -name ca-fix (and pkcs12) -print yields nothing. I.e those 2 files cannot be found on my server!!! And i have a feeling tt those 2 files are quite important! :0 G. -- Gilles Chong ([EMAIL PROTECTED], [EMAIL PROTECTED]) Systems Engineer, Internet Division CSA Automated Pte Ltd, Singapore. __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Creating a server certificate
On Thu, Mar 11, 1999, Gilles L. Chong Hok Yuen wrote: https is working!!! Actually both http n https are working. Now im passing to the stage of creating a server certificate with the mod-ssl module. From the README.GlobalID file, there are 5 steps. The 1st step being: 1. You have to create a standard CA certificate Suppose to use the shell script gid-mkcert.sh in the /mod_ssl-2.2.3-1.3.4/pkg.contrib directory. However, running it yields gid-mkcert.sh: /sw/pkg/ssleay/bin/ssleay: not found mkgid.sh:Error: Failed to generate RSA private key Now, i dont even have a sw directory on my server! Running a find / -name ssleay -print yields /usr/local/ssl/bin/ssleay /opt/apache/SSLeay-0.9.0b/apps/ssleay In the gid-mkcert.sh file, i can see ssleay="/sw/pkg/ssleay/bin/ssleay" - i guess can be replaced by /opt/apache/SSLeay-0.9.0b/apps/ssleay cafix="/sw/pkg/ssleay/bin/ca-fix" pkcs12="/sw/pkg/ssleay/bin/pkcs12" Running a find / -name ca-fix (and pkcs12) -print yields nothing. I.e those 2 files cannot be found on my server!!! And i have a feeling tt those 2 files are quite important! :0 Sorry, but it's really nasty when people don't want to _READ_! The gid-mkcert.sh script looks like: | : | ## ssleay ... get it from ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/ | ## ca-fix ... get it from http://www.drh-consultancy.demon.co.uk/ca-fix.html | ## pkcs12 ... get it from http://www.drh-consultancy.demon.co.uk/pkcs12faq.html | ## | | # parameters | ssleay="/sw/pkg/ssleay/bin/ssleay" | cafix="/sw/pkg/ssleay/bin/ca-fix" | pkcs12="/sw/pkg/ssleay/bin/pkcs12" | sslcrtdir="." | sslcsrdir="." | sslkeydir="." | : In other words: FRIENDS, THE URLS ARE GIVEN JUST FOUR LINES AWAY FROM THE LINE YOU'RE EDITING! Hmmm... I'm really wondering why I always write down such a lot of details when people don't read it... So, please walk to the given URLs, fetch the tools, install it somewhere and edit the variables to reflect the used installation paths. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Creating a server certificate
11-Mar-99 14:06 you wrote: Sorry, but it's really nasty when people don't want to _READ_! The gid-mkcert.sh script looks like: | : | ## ssleay ... get it from ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/ | ## ca-fix ... get it from http://www.drh-consultancy.demon.co.uk/ca-fix.html | ## pkcs12 ... get it from http://www.drh-consultancy.demon.co.uk/pkcs12faq.html | ## | | # parameters | ssleay="/sw/pkg/ssleay/bin/ssleay" | cafix="/sw/pkg/ssleay/bin/ca-fix" | pkcs12="/sw/pkg/ssleay/bin/pkcs12" | sslcrtdir="." | sslcsrdir="." | sslkeydir="." | : In other words: FRIENDS, THE URLS ARE GIVEN JUST FOUR LINES AWAY FROM THE LINE YOU'RE EDITING! Hmmm... I'm really wondering why I always write down such a lot of details when people don't read it... It's simple: most peoples (like me :-) will real all this, will use info and will NOT write to the list. Few peoples will not read and will write to the list. The end result will look like noone ever try to read something :-)) So, please walk to the given URLs, fetch the tools, install it somewhere and edit the variables to reflect the used installation paths. __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Creating a server certificate
On Thu, Mar 11, 1999, Khimenko Victor wrote: Sorry, but it's really nasty when people don't want to _READ_! The gid-mkcert.sh script looks like: | : | ## ssleay ... get it from ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/ | ## ca-fix ... get it from http://www.drh-consultancy.demon.co.uk/ca-fix.html | ## pkcs12 ... get it from http://www.drh-consultancy.demon.co.uk/pkcs12faq.html | ## | | # parameters | ssleay="/sw/pkg/ssleay/bin/ssleay" | cafix="/sw/pkg/ssleay/bin/ca-fix" | pkcs12="/sw/pkg/ssleay/bin/pkcs12" | sslcrtdir="." | sslcsrdir="." | sslkeydir="." | : In other words: FRIENDS, THE URLS ARE GIVEN JUST FOUR LINES AWAY FROM THE LINE YOU'RE EDITING! Hmmm... I'm really wondering why I always write down such a lot of details when people don't read it... It's simple: most peoples (like me :-) will real all this, will use info and will NOT write to the list. Few peoples will not read and will write to the list. The end result will look like noone ever try to read something :-)) Yeah, obviously you're right... Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
