This is the technique I used to self sign certs..
http://www.cs.uwa.edu.au/~ryan/tech/certificates.html
Of course I am not trying to instill confidence in my user base (i.e..
they are not attempting to transfer money across any of my secure
sites).
I guess if you are handling money then you should be making it so you
might want to buy a certificate from a marketing prospective (i.e..
piece of mind for the user base).
hrmmm.. I just deleted an 8 paragraph rant about the legitamacy of
agencies that collect money for this type of service :)
hope this helps
Paul
On Sun, 2003-07-20 at 13:06, [EMAIL PROTECTED] wrote:
> On Sun, 20 Jul 2003 01:38:00
> Voytek Eymont <[EMAIL PROTECTED]> wrote:
>
> > I have this Apache on RH73
> >
> > [Sun Jul 20 04:02:04 2003] [notice] Apache/1.3.27 (Unix) (Red-Hat/Linux) mod_py
> > thon/2.7.8 Python/1.5.2 mod_ssl/2.8.12 OpenSSL/0.9.6b DAV/1.0.3 PHP/4.1.2 mod_pe
> > rl/1.26 mod_throttle/3.1.2
> >
> > the 'mod_ssl', 'OpenSSL' part:
> >
> > does that mean I can have https/SSL with this ?
> >
>
> Yes, you can. Have you just tried to connect to
> your machine with https? It might work already.
>
> You might get warnings that 1. the certificate is not
> trusted, 2. the name doesn't match the name on the
> certificate and 3. that the certificate might be
> out of date, but if you (or anyone connecting)
> ignores these warnings, you can still use it.
>
> You only need to pay money to someone to get rid of
> warning 1.
>
> There's a lot of howtos on the net to fix 2 and 3,
> including the docs distributed with mod_ssl and openssl.
>
> Regards,
>
> Matt
--
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
