httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GOMEZ Henri <hgo...@slib.fr>
Subject RE: SSL and certficates script
Date Mon, 26 Nov 2001 07:16:07 GMT
Excellent works

I'll be happy to see it included in Apache 2.0 distribution.
With a few html/cgi stuff, it could be also used even by
'newbies'



-
Henri Gomez                 ___[_]____
EMAIL : hgomez@slib.fr        (. .)                     
PGP KEY : 697ECEDD    ...oOOo..(_)..oOOo...
PGP Fingerprint : 9DF8 1EA8 ED53 2F39 DC9B 904A 364F 80E6 



>-----Original Message-----
>From: MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)
>[mailto:madhusudan_mathihalli@hp.com]
>Sent: Friday, November 23, 2001 12:17 AM
>To: MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1); 'Gomez Henri'
>Cc: 'dev@httpd.apache.org'
>Subject: RE: SSL and certficates script
>
>
>Okay.. here's a more refined version of the script - including 
>features for
>client / ca certificate generation.. I've tried to keep it simple and
>modular - pl. let me know if you have any feedback..
>
>-Madhu
>
>-----Original Message-----
>From: Gomez Henri [mailto:hgomez@slib.fr]
>Sent: Wednesday, November 21, 2001 3:30 PM
>To: MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)
>Cc: 'dev@httpd.apache.org'
>Subject: RE: SSL and certficates script
>
>
>En réponse à "MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)"
><madhusudan_mathihalli@hp.com>:
>
>> The script is pretty similar to what we had for Apache 
>1.3.x.. You can
>> get
>> the usage details by "./mkcert.sh --help".. Pl. do let me know if the
>> Usage
>> details provided are not sufficient - I'll try to put in more details
>> there..
>
>I just want to say that this script is a SUPERB tool and everything
>is present to have the graal of SSL certs.
>
>We need a tool to generate :
>
>1) a custom CA cert
>2) custom server certs signed with that CA
>3) client (browser) certs signed all with that CA
>
>What will give Apache 2.0 a decent simple "PKI" and which will
>be very usefull for small companies...
>
>
>> The creation of a self-signed CA and a certificate are both linked
>> together
>> - it can be created by "./mkcert.sh --custom" or "./mkcert.sh
>> --type=custom"..
>> 
>> Did you want to just create the self-signed CA certificate only, and
>> NOT
>> the
>> server certificate ?.. If yes, then it's not possible with 
>the current
>> script.. I'm trying to make it more modular, so that you can have a
>> mix-n-match of the functions.. 
>> Also, I've changed the layout of the files to a certain extent - the
>> .csr
>> files now go into the conf/ssl.crt/ directory itself -if this is not
>> okay, I
>> can change it back to go to conf/ssl.csr/
>
>The scripts I sent previously included code to generate the client
>cert (PKCS12 format). I feel you have now everything to give AP2.0
>its own little Cert Agency :)))))
>
>Hope you could do that for us :)
>
>
>-
>Henri Gomez                 ___[_]____
>EMAIL : hgomez@slib.fr        (. .)                     
>PGP KEY : 697ECEDD    ...oOOo..(_)..oOOo...
>PGP Fingerprint : 9DF8 1EA8 ED53 2F39 DC9B 904A 364F 80E6 
>
>

Mime
View raw message