On Thu, Sep 30, 2004 at 10:23:09AM +0800, June G. Gonzales wrote: > hi, > > i'm new to mod_ssl and trying this apache - mod_ssl how-to setup. > i'm now on the creation of the certificate part of the how-to. > i would just like to ask for a brief but informative discussion on what > these lines mean before i actually run it. > i assume that i need to replace the information after each colon with my > own? > what is "Signature Algorithm"? could i use another letter or i really need > to use "R"? >
I think R stands for RSA. I think if you changed the algorithm it might say D (for the NIST Digital Signature Algorithm). Leave it as is. RSA is fine for most purposes. The rest of the information there is the X.509 distinguished name for the certificate, and obviously the certificate validity is how long from the time it was signed should the certificate be trusted. I suggest you change the information to information relevant to you and your organization, naturally. By the way, I recommend you read this page before proceeding, so you know what all of this certificate voodoo is for: http://www.everything2.com/index.pl?node_id=452763 The main purpose of SSL is not to encrypt connections, but to validate whether or not you're actually being connected to the real host you think you're connecting to. Keep that in mind. Encryption is useless without authentication. -- dido Te capiam, cuniculus sceleste! -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
