Hi. Unbelievable, I searched all the servers for openssl.conf and found nothing. Some of these are stock standard default installatio sraight from the distro CDs from RH. I am going to install OpenSSL from sratch this weekend and ditch RH's distro copy. find /usr openssl.conf -type f find /usr -name openssl.conf etc... Nope. I mean, when you configure these things, the sey parametric values have to go somewhere, right ? That does it, download, compile, install OpenSSL this weekend. Ouch!
Simon Pabst wrote: > > I don't know about Redhat's openssl installation, > but propably it spreads over several directories. > > However there should be an openssl.conf somewhere, > maybe its in /etc/openssl.conf or /usr/local/openssl/openssl.conf > > If you can't find it, this might help: > find /etc -name openssl.conf > or > find /usr -name openssl.conf > > Installing openssl from source would also help getting a > clean (and more secure) openssl installation with everything in one directory. > > And don't mix up Apache2 ssl.conf with openssl.conf, they've got nothing to > do with each other. > In Apache 1 all the SSL stuff was in httpd.conf, in Apache 2 they just put > that into conf/ssl.conf. > > At 19:22 25.07.2003 +1000, you wrote: > >Hi. > >Thanks, I got EngelSchall's sign.sh. I am going through exactly those > >doco as we "speak", I think the problem with the documentation is that > >they refer to dfferent versions than mine. > >On my default RH7.1 Linux installation, I do not have /usr/local/ssl or > >/etc/ssl/openssl.conf, yet it comes well equipped with > >/etc/httpd/conf/ssl.crt ad /etc/httpd/conf/ssl.key. > >On the other hand, the Apache2 httpd.conf uses an Include conf/ssl.conf > >which doesn't look like the instructions on the documentation. I am so > >confused, I need a beer. > >Soooo, I won't be finishing the task this week. > > > > > >Simon Pabst wrote: > > > > > > A good HOWTO about Certificate Management and creating your own CA > > > is on http://www.tldp.org/HOWTO/SSL-Certificates-HOWTO/c118.html > > > > > > Another one is here: http://www.corserv.com/freebsd/apache-ssl-howto.html > > > (not so detailed, but not that good either) > > > > > > At 15:28 25.07.2003 +1000, you wrote: > > > >Hi! > > > >I am going throug a couple of books (O'Reilly OpenSSL" and SAM "Maxum > > > >Apache Security") and HOWTOs, I haven't come across instructions to set > > > >up a CA yet. Can you please oint me in the right direction ? > > > >TIA :( > > > > > > > >Bill Barker wrote: > > > > > > > > > > It seems that it is only distributed with the Apache-1.3.x version of > > > > > mod_ssl. > > > > > > > > > > In my experience, it is usually worth the trouble in the long run > > to do a > > > > > full setup for a CA (i.e. what 'openssl ca ...' expects) if you need to > > > > > issue your own certs. > > > > > > > > > > <[EMAIL PROTECTED]> wrote in message > > news:[EMAIL PROTECTED] > > > > > > Hi. > > > > > > The HOWTO instructions on > > > > > > http://httpd.apache.org/docs-2.0/ssl/ssl_fag.html said I need a > > > > > > "sign.sh" script for signing server.csr. It is supposed to be > > > > > > distributed with mod_ssl. > > > > > > Mabe I should download and unpack the latest mod_ssl and look for it > > > > > > again... > > > > > > > > > > --------------------------------------------------------------------- > > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > >--------------------------------------------------------------------- > > > >To unsubscribe, e-mail: [EMAIL PROTECTED] > > > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > >--------------------------------------------------------------------- > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]