Re: where is sign.sh from mod_ssl ???
It seems that it is only distributed with the Apache-1.3.x version of mod_ssl. In my experience, it is usually worth the trouble in the long run to do a full setup for a CA (i.e. what 'openssl ca ...' expects) if you need to issue your own certs. [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi. The HOWTO instructions on http://httpd.apache.org/docs-2.0/ssl/ssl_fag.html said I need a sign.sh script for signing server.csr. It is supposed to be distributed with mod_ssl. Mabe I should download and unpack the latest mod_ssl and look for it again... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: where is sign.sh from mod_ssl ???
Hi! I am going throug a couple of books (O'Reilly OpenSSL and SAM Maxum Apache Security) and HOWTOs, I haven't come across instructions to set up a CA yet. Can you please oint me in the right direction ? TIA :( Bill Barker wrote: It seems that it is only distributed with the Apache-1.3.x version of mod_ssl. In my experience, it is usually worth the trouble in the long run to do a full setup for a CA (i.e. what 'openssl ca ...' expects) if you need to issue your own certs. [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi. The HOWTO instructions on http://httpd.apache.org/docs-2.0/ssl/ssl_fag.html said I need a sign.sh script for signing server.csr. It is supposed to be distributed with mod_ssl. Mabe I should download and unpack the latest mod_ssl and look for it again... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: where is sign.sh from mod_ssl ???
A good HOWTO about Certificate Management and creating your own CA is on http://www.tldp.org/HOWTO/SSL-Certificates-HOWTO/c118.html Another one is here: http://www.corserv.com/freebsd/apache-ssl-howto.html (not so detailed, but not that good either) At 15:28 25.07.2003 +1000, you wrote: Hi! I am going throug a couple of books (O'Reilly OpenSSL and SAM Maxum Apache Security) and HOWTOs, I haven't come across instructions to set up a CA yet. Can you please oint me in the right direction ? TIA :( Bill Barker wrote: It seems that it is only distributed with the Apache-1.3.x version of mod_ssl. In my experience, it is usually worth the trouble in the long run to do a full setup for a CA (i.e. what 'openssl ca ...' expects) if you need to issue your own certs. [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi. The HOWTO instructions on http://httpd.apache.org/docs-2.0/ssl/ssl_fag.html said I need a sign.sh script for signing server.csr. It is supposed to be distributed with mod_ssl. Mabe I should download and unpack the latest mod_ssl and look for it again... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: where is sign.sh from mod_ssl ???
Hi. Thanks, I got EngelSchall's sign.sh. I am going through exactly those doco as we speak, I think the problem with the documentation is that they refer to dfferent versions than mine. On my default RH7.1 Linux installation, I do not have /usr/local/ssl or /etc/ssl/openssl.conf, yet it comes well equipped with /etc/httpd/conf/ssl.crt ad /etc/httpd/conf/ssl.key. On the other hand, the Apache2 httpd.conf uses an Include conf/ssl.conf which doesn't look like the instructions on the documentation. I am so confused, I need a beer. S, I won't be finishing the task this week. Simon Pabst wrote: A good HOWTO about Certificate Management and creating your own CA is on http://www.tldp.org/HOWTO/SSL-Certificates-HOWTO/c118.html Another one is here: http://www.corserv.com/freebsd/apache-ssl-howto.html (not so detailed, but not that good either) At 15:28 25.07.2003 +1000, you wrote: Hi! I am going throug a couple of books (O'Reilly OpenSSL and SAM Maxum Apache Security) and HOWTOs, I haven't come across instructions to set up a CA yet. Can you please oint me in the right direction ? TIA :( Bill Barker wrote: It seems that it is only distributed with the Apache-1.3.x version of mod_ssl. In my experience, it is usually worth the trouble in the long run to do a full setup for a CA (i.e. what 'openssl ca ...' expects) if you need to issue your own certs. [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi. The HOWTO instructions on http://httpd.apache.org/docs-2.0/ssl/ssl_fag.html said I need a sign.sh script for signing server.csr. It is supposed to be distributed with mod_ssl. Mabe I should download and unpack the latest mod_ssl and look for it again... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: where is sign.sh from mod_ssl ???
I don't know about Redhat's openssl installation, but propably it spreads over several directories. However there should be an openssl.conf somewhere, maybe its in /etc/openssl.conf or /usr/local/openssl/openssl.conf If you can't find it, this might help: find /etc -name openssl.conf or find /usr -name openssl.conf Installing openssl from source would also help getting a clean (and more secure) openssl installation with everything in one directory. And don't mix up Apache2 ssl.conf with openssl.conf, they've got nothing to do with each other. In Apache 1 all the SSL stuff was in httpd.conf, in Apache 2 they just put that into conf/ssl.conf. At 19:22 25.07.2003 +1000, you wrote: Hi. Thanks, I got EngelSchall's sign.sh. I am going through exactly those doco as we speak, I think the problem with the documentation is that they refer to dfferent versions than mine. On my default RH7.1 Linux installation, I do not have /usr/local/ssl or /etc/ssl/openssl.conf, yet it comes well equipped with /etc/httpd/conf/ssl.crt ad /etc/httpd/conf/ssl.key. On the other hand, the Apache2 httpd.conf uses an Include conf/ssl.conf which doesn't look like the instructions on the documentation. I am so confused, I need a beer. S, I won't be finishing the task this week. Simon Pabst wrote: A good HOWTO about Certificate Management and creating your own CA is on http://www.tldp.org/HOWTO/SSL-Certificates-HOWTO/c118.html Another one is here: http://www.corserv.com/freebsd/apache-ssl-howto.html (not so detailed, but not that good either) At 15:28 25.07.2003 +1000, you wrote: Hi! I am going throug a couple of books (O'Reilly OpenSSL and SAM Maxum Apache Security) and HOWTOs, I haven't come across instructions to set up a CA yet. Can you please oint me in the right direction ? TIA :( Bill Barker wrote: It seems that it is only distributed with the Apache-1.3.x version of mod_ssl. In my experience, it is usually worth the trouble in the long run to do a full setup for a CA (i.e. what 'openssl ca ...' expects) if you need to issue your own certs. [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi. The HOWTO instructions on http://httpd.apache.org/docs-2.0/ssl/ssl_fag.html said I need a sign.sh script for signing server.csr. It is supposed to be distributed with mod_ssl. Mabe I should download and unpack the latest mod_ssl and look for it again... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
where is sign.sh from mod_ssl ???
Hi. The HOWTO instructions on http://httpd.apache.org/docs-2.0/ssl/ssl_fag.html said I need a sign.sh script for signing server.csr. It is supposed to be distributed with mod_ssl. Mabe I should download and unpack the latest mod_ssl and look for it again... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
