-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Khalid Schofield Sent: Saturday, June 14, 2008 12:34 To: misc@openbsd.org Subject: OpenSSL On Openbsd help
Hi, I need to get a proper signed ssl certificate for my ecommerce website hosted on my openbsd box. Getting confused as most websites describe how to do this in many different ways and most refere to self signed certificates. Wanted to ask the experts before I go and throw $100 at the task. So do I have to use pass phrases when generating the certificate? If I use a pass phrase why? How does it effect the certificate and it's use? Also if I use a pass phrase do I have to tell apache about it? Does it go in a config or do I have to enter it when reloading apache? Also what command do you use to do this? Please tell all :) One last thing who would you recomend to sign my csr? Thanks sorry for the stupid questions but I've never done this before and risked my actual money (only the companies). For info. I'm integrating google checkout into my website to do payments. Not done this before but paypal is charging me an arm and a leg. Khalid ========================== If, as you've indicated, you're going to use the cert for e-commerce, then self-signed is NOT the way to go. FREE, no cost, non-testing, one-year SSLs are available from http://cert.startcom.org. starcom's root CA is "recognized" by the major browsers and should satisfy your needs. There is a registration process -- starcom must be convinced that you control the domains and then sites that you're applying to get certs for. This can take a bit of time and there are a few pre-requisites. Also, if it matters to you, starcom is not North American. /S
