Re: renewing certificate

2007-04-16 Thread Bill Angus 
You might try the customer service dept. of the supplier who is providing your 
cert. Most are very good and will be able to help you do only what you need -- 
without a large number of time consuming extra steps. 

Bill Angus, MA
  - Original Message - 
  From: Bart Heller 
  To: openssl-users@openssl.org 
  Sent: Monday, April 16, 2007 12:11 PM
  Subject: renewing certificate


  Hey everyone. I'm still not so into this so here I go again.

   

  I am trying to rewenew an expeired certificate on a windows server 2003 
machine. None of the steps in the RenewCert.txt document seem to apply. I did 
not set this server up originally and I need lots of help trying to figure this 
thing out. 

   

  Here is the list of things I need to know:

   

  How to revoke the existing certificate - If you browse to the URL this server 
hosts, the certificate date is still the expired one.

  How to update the certificate on the server so the URL the outside world sees 
is up to date. 

   

  I have the CSR and private key saved in a separate folder from the original 
install so I hope that helps.

   

  Thanks!!

   

  And no obviously I'm not a webadmin, so bear with me please.

Re: Newbie question

2007-01-31 Thread Bill Angus 
This is just a shot in the dark answer -- because I don't know of a way to use 
SSL without using SSL :)

You can get a web-site project up and running using port 443 with a web-server 
(like apache), without using openSSL encryption on port 443 Then you can 
setup openSSL and your certs later and can encrypt communications over port 
443. 

Bill Angus, MA
http://www.psychtest.com

  - Original Message - 
  From: Doug Kunzman 
  To: openssl-users@openssl.org 
  Sent: Wednesday, January 31, 2007 10:02 AM
  Subject: Newbie question


  Can openssl be used for HTTP communication without using SSL if in the
  future we are going to SSL communication to our project?

  Doug


  __
  OpenSSL Project http://www.openssl.org
  User Support Mailing Listopenssl-users@openssl.org
  Automated List Manager   [EMAIL PROTECTED]

Re: Wildcard Certificates

2006-11-16 Thread Bill Angus 
I use godaddy -- no problems so far.
- Original Message - 
From: Stewart Dean [EMAIL PROTECTED]
To: undisclosed-recipients:
Sent: Thursday, November 16, 2006 7:53 AM
Subject: Wildcard Certificates


 We have been getting our certificates from Verisign...who appear to me
 to be getting an awful lot of money for a wisp of virtuality, for all
 that they are the standard of the industry.  We have a server that now
 needs a certificate and I went looking for cheaper certificates; I came
 up with some alternatives that I'd like your input/experience feedback on:
 - Your experience with less expensive CAs and their certificates
 - Digicert has single certificates for $100.  Has anyone done business
 with them/used their certificates?
 - They have a wildcard certificate, $449 for multiple single-level
 domains (*.bard.edu would cover all our sub-domains) AND multiple
 servers.  Sounds too good to be true...one certificate for all your
 subdomains and servers.  Note that it seems that the WC cert works for
 something like *.bard.eduif you have other domains hosted as apache
 aliases, like wombat.org, this would not cover them.
 = Has anyone had expereience with any WC Cert
 = With Digicert's WC Certs?
 I came across this 1.5 year old discussion of them in one of the
 O'Reilly blogs
 about 2/3rds the way down the page (search for wildcard), read all the
 pieces.  Note that:
 1) The posts are about 1.5 years old, so presumably what little problems
 there were have been resolved
 2) There may be browser issues, but  that may be a dead issue by now,
 such as
 3) You may only get one level from your splat (apparently IE 6 was fussy
 about this, dunno about IE7), i.e. mail.wombat.org works for
 *.wombat.org but www.mail.wombat.org may not

 http://www.onlamp.com/pub/a/apache/2005/02/17/apacheckbk.html

 -- 
 
 Stewart Dean, Unix System Admin, Henderson Computer Resources
 Center of Bard College, Annandale-on-Hudson, New York  12504
 [EMAIL PROTECTED]  voice: 845-758-7475, fax: 845-758-7035

 __
 OpenSSL Project http://www.openssl.org
 User Support Mailing Listopenssl-users@openssl.org
 Automated List Manager   [EMAIL PROTECTED]



__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]