httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dean A. Hoover" <dhoo...@rochester.rr.com>
Subject Re: [users@httpd] HTTPS and virtual hosts
Date Fri, 27 Feb 2004 15:13:59 GMT
Dean A. Hoover wrote:

> Cerion Armour-Brown wrote:
>
>> On Friday 27 February 2004 15:01, Dean A. Hoover wrote:
>>  
>>
>>> I am a newbie at apache httpd and ssl. I've been reading various books
>>> and online stuff on the subject, trying to figure out how to enable
>>> HTTPS on my webserver for virtual hosts. I talked to people I know that
>>> have also done it, and I am still not able to get this working. I am 
>>> using
>>> RH9 and apache httpd-2.0.40-21.9. Here is
>>> what I did in /home/tomcat/mywebsite.com/conf/ssl:
>>>
>>> # openssl req -new -x509 -days 3650 -nodes -out www.mywebsite.com.pem
>>> -keyout www.mywebsite.com.pem
>>>   
>>
>>
>> I read a little too quickly... I imagine your main problem here is 
>> you're writing your private key (-keyout ...) to the same file as 
>> your certificate request (-out ...)
>> Cerion
>>
>>  
>>
> OK, so now I try the following in /home/tomcat/mywebsite.com/conf/ssl:
>
> # openssl genrsa -out www.mywebsite.com.key 1024
> Generating RSA private key, 1024 bit long modulus
> ....++++++
> ................++++++
> e is 65537 (0x10001)
>
> # openssl req -new -key www.mywebsite.com.key -x509 -out 
> www.mywebsite.com.crt
> You are about to be asked to enter information that will be incorporated
> into your certificate request.
> What you are about to enter is what is called a Distinguished Name or 
> a DN.
> There are quite a few fields but you can leave some blank
> For some fields there will be a default value,
> If you enter '.', the field will be left blank.
> -----
> Country Name (2 letter code) [GB]:US
> State or Province Name (full name) [Berkshire]:New York
> Locality Name (eg, city) [Newbury]:Rochester
> Organization Name (eg, company) [My Company Ltd]:My Web Site, Inc.
> Organizational Unit Name (eg, section) []:
> Common Name (eg, your name or your server's hostname) 
> []:www.mywebsite.com
> Email Address []:webmaster@mywebsite.com
>
>
>
> And change httpd.conf as follows:
>
>  SSLEngine on
>  SSLCertificateFile 
> /home/tomcat/fermata-international.com/conf/ssl/www.mywebsite.com.crt
>  SSLCertificateKeyFile 
> /home/tomcat/fermata-international.com/conf/ssl/www.website.com.key 

whoops, let that read mywebsite... including the directory

>
>
> As in previous email, when I use IE to hit the site, it complains. OK 
> fine, so it does not know who
> the heck I am. But when I "View Certificate" I still see:
>
> Issued to: localhost.localdomain
> Issued by: localhost.localdomain
> Valid from 4/6/2003 to 4/4/2004
>
> Where is that coming from???
>
> Dean Hoover
>
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server 
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message