Hi ! > Why not use the 'openssl' directly, in a step-by-step manner?
Easier said than done if the openssl docs are almost nonexistant and the mod_ssl docs state explicitly Prepare a script for signing which is needed because the ``openssl ca'' command has some strange requirements and the default OpenSSL config doesn't allow one easily to use ``openssl ca'' directly. So a script named sign.sh is distributed with the mod_ssl distribution (subdir pkg.contrib/). Use this script for signing. without even giving a hint about how to do it manually. > If not, there should be something at the Linux Documentation Project > Lets, see..."google is your friend": I know, but my search didn't turn up anything useful. I probably used the wrong keywords. > http://www.ibiblio.org/pub/Linux/docs/HOWTO/other-formats/pdf/SSL-Cert > ficates-HOWTO.pdf Thanks a lot, that document was just what I needed! I have my certificates now. But Apache is still giving me some headaches. Perhaps you could give me a hand here too? I'm starting Apache with -D SSL to have ssl.conf included and uncommented the line LoadModule ssl_module modules/mod_ssl.so in httpd.conf to load mod_ssl. So far so good. I want to have several virtual hosts for local testing of several webpages. Some should only be served via http others only via https. My config looks like this: NameVirtualHost 127.0.0.1:80 <VirtualHost 127.0.0.1:80 localhost:80> ServerAdmin [EMAIL PROTECTED] DocumentRoot /page1 ServerName localhost </VirtualHost> <VirtualHost localhost2:80> ServerAdmin [EMAIL PROTECTED] DocumentRoot /page2 ServerName localhost2 </VirtualHost> <VirtualHost localhost3:80> ServerAdmin [EMAIL PROTECTED] DocumentRoot /page3 ServerName localhost3 </VirtualHost> and there is another Virtualhost in ssl.conf NameVirtualHost 127.0.0.1:443 <VirtualHost 127.0.0.1:443 localhost4:443> ServerAdmin [EMAIL PROTECTED] DocumentRoot /page4 ServerName localhost4 SSLEngine on SSLProtocol all SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL # The rest are default settings except for paths to certificates </VirtualHost> Localhost, localhost2, localhost3 and localhost4 point to 127.0.0.1 (done with the hosts file). What I think this should do is serve localhost, localhost2 and localhost3 only via http and localhost4 only via https. But that doesn't work. I can access all 4 via http and https on Netscape 4.79. With IE 6.0 SP1 I can access all 4 via http but none at all via https. What is wrong there? Bye ! ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
