openssl genrsa -des3 -out privkey.pem 2048
(this should prompt you for a passphrase)http://www.openssl.org/docs/HOWTO/keys.txt
2. a) Generate a self-signed test certificate: openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095
2. b) If you want to use a Trust-Center signed SSL certificate,
you need to create a certificate signing request (CSR) and submit it to a Certificate Authority (CA):
openssl req -new -key privkey.pem -out cert.csr
http://www.openssl.org/docs/HOWTO/certificates.txt
Some Certificate Authorities: http://www.verisign.com/ http://www.thawte.com/ http://www.instantssl.com/
At 17:27 24.07.2003 +1000, you wrote:
Hi. My quixotic tilt at mod_ssl continues... I am into my second book on this subject matter. Okay, let's put that in that "too-hard" basket for the moment. Let's make OpenSSL work first. It does. It asks me whether I want to DER or PEM. I take PEM. Then it tells me not enough random data. So I did this: # openssl -rand -des3 -out server.key 1024 That skipped the PEM bit, BUT how do I get it to challenge with a pass phrase dialogue ? Do all of you use PEM ?
Regards, Discombobulated... Perplexed in search of perspicacity is the first sign of neurosis.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
