httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Savage, Robert CTR USTRANSCOM J6" <Robert.Savage....@ustranscom.mil>
Subject RE: [users@httpd] Certificates and keys
Date Wed, 21 Jun 2006 19:42:37 GMT
-----Original Message-----
From: Andy Buckley [mailto:Andy.Buckley@durham.ac.uk]
Sent: Wednesday, June 21, 2006 13:48
To: users@httpd.apache.org
Subject: Re: [users@httpd] Certificates and keys

Savage, Robert CTR USTRANSCOM J6 wrote:
> I'm reconstructing a web site and having certificate trouble.
> http://localhost/ displays the test file at DocumentRoot
> "F:\www\Apache2\htdocs", but https://locahost/ gives me the old "The
page
> cannot be displayed" error.
>
> Is there a way to show that a file "server.key" is the private key for a
> "server.cert" certificate?

This is probably what you want:

http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#verify

Andy

--
Dr Andy Buckley: CEDAR @ IPPP, Durham
Work: www.cedar.ac.uk
www.insectnation.org


Andy,

Thanks very much for the pointer. Now I must ask one last (and very
ignorant) question: Do the following results really say that server.key
doesn't go with server.cert?

$ openssl x509 -noout -text -in server.cert | openssl md5
fc68929f3a1863b9f8870ea38a3c84cc

$ openssl rsa -noout -modulus -in server.key | openssl md5
Enter pass phrase for server.key:
c4f9ce1f4d8291507da0aaa805cab3fd

$ openssl req -noout -modulus -in ../server.csr | openssl md5
c4f9ce1f4d8291507da0aaa805cab3fd

I ask this question because I have several subdirectories each supposedly
containing master copies of the server.cert and server.key files for our
web servers. I've repeated the above sequence in each of those
subdirectories with similar results: the server.key and server.csr files
share common MD5s, but the server.cert file does not.

If they should all have a common md5, then I believe I'll have to replace
all my certificates. Bummer.

--Doc

Mime
View raw message