[ale] https
Jerry Z. Yu
z.yu at ptek.com
Wed Feb 13 10:41:18 EST 2002
# generate your own pair of keys
openssl genrsa -des3 -rand:bigTar1.tar:bigTar2.tar:bigTar3.tar -out
your.server.com.key 1024
# generate a CSR (certificate service/signing request)
openssl req -new -key your.server.com.key -out your.server.com.csr
# instead of sending this CSR to Verisign, sign it with your own key
openssl x509 -req -days 90 -in your.server.com.csr -signkey
your.server.com.key -out your.server.com.certificate
Keep those two files private and specify locations in httpd.conf
your.server.com.certificate
your.server.com.key
On Wed, 13 Feb 2002, Fulton Green wrote:
#What's the best way to generate a cert on the cheap like that? Which tools
#and such?
#
#On Wed, Feb 13, 2002 at 10:16:37AM -0500, Jerry Z. Yu wrote:
#> If your whole purpose is to use SSL to encrypt the traffic versus using
#> certificate to prove to the clients that they are actually accessing your
#> site instead of some bogus sites, you can use a certificate signed by your
#> own key, by your own CA key, instead of paying Verisign or Thawte ~$130 a
#> year for one single certificate.
#
#---
#This message has been sent through the ALE general discussion list.
#See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
#sent to listmaster at ale dot org.
#
Jerry Z. Yu +1-404-262-8544 (O)
Systems Engineer z.yu at ptek.com
IS Support, Voicecom, www.voicecom.com
A business unit of PTEK Holdings, Inc. www.ptek.com
---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.
More information about the Ale
mailing list