httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cerion Armour-Brown <cer...@terpsichore.ws>
Subject Re: [users@httpd] HTTPS and virtual hosts
Date Fri, 27 Feb 2004 15:43:26 GMT
On Friday 27 February 2004 16:12, Dean A. Hoover wrote:
> Cerion Armour-Brown wrote:
> >On Friday 27 February 2004 15:01, Dean A. Hoover wrote:
> >>I am a newbie at apache httpd and ssl. I've been reading various books
> >>and online stuff on the subject, trying to figure out how to enable
> >>HTTPS on my webserver for virtual hosts. I talked to people I know that
> >>have also done it, and I am still not able to get this working. I am
> >> using RH9 and apache httpd-2.0.40-21.9. Here is
> >>what I did in /home/tomcat/mywebsite.com/conf/ssl:
> >>
> >># openssl req -new -x509 -days 3650 -nodes -out www.mywebsite.com.pem
> >>-keyout www.mywebsite.com.pem
> >
> >I read a little too quickly... I imagine your main problem here is you're
> >writing your private key (-keyout ...) to the same file as your
> > certificate request (-out ...)
> >Cerion
>
> OK, so now I try the following in /home/tomcat/mywebsite.com/conf/ssl:
>
> # openssl genrsa -out www.mywebsite.com.key 1024
> Generating RSA private key, 1024 bit long modulus
> ....++++++
> ................++++++
> e is 65537 (0x10001)
>
> # openssl req -new -key www.mywebsite.com.key -x509 -out
> www.mywebsite.com.crt
> You are about to be asked to enter information that will be incorporated
> into your certificate request.
> What you are about to enter is what is called a Distinguished Name or a DN.
> There are quite a few fields but you can leave some blank
> For some fields there will be a default value,
> If you enter '.', the field will be left blank.
> -----
> Country Name (2 letter code) [GB]:US
> State or Province Name (full name) [Berkshire]:New York
> Locality Name (eg, city) [Newbury]:Rochester
> Organization Name (eg, company) [My Company Ltd]:My Web Site, Inc.
> Organizational Unit Name (eg, section) []:
> Common Name (eg, your name or your server's hostname) []:www.mywebsite.com
> Email Address []:webmaster@mywebsite.com
>
>
>
> And change httpd.conf as follows:
>
>   SSLEngine on
>   SSLCertificateFile
> /home/tomcat/fermata-international.com/conf/ssl/www.mywebsite.com.crt
>   SSLCertificateKeyFile
> /home/tomcat/fermata-international.com/conf/ssl/www.website.com.key
>
> As in previous email, when I use IE to hit the site, it complains. OK
> fine, so it does not know who
> the heck I am. But when I "View Certificate" I still see:
>
> Issued to: localhost.localdomain
> Issued by: localhost.localdomain
> Valid from 4/6/2003 to 4/4/2004
>
> Where is that coming from???
>
> Dean Hoover

Well, I've never had this, but I imagine it's because what you've created is a 
certificate signing request - it's not a certificate until you sign it...

read this: http://www.vanemery.com/Linux/Apache/apache-SSL.html
Cerion


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message