Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: cyberdude on May 23, 2004, 05:28:48 PM
-
Hi!
I wants to make my own SSL certificates, and have found this guide
http://no.longer.valid/phpwiki/index.php/Creating%20SSL%20Certificates
But as described in the guide, i have to install "make" to creates the SSL's
How do i do that ? (where to find the make scripts)
I have tryed to search this forum for "install make" or just "make" but with no luck
I run a SME 6.0 install (if that has anything to do with what files i ned to install)
Sincerly
Cyberdude
-
First of all the info you refer to is dated January 7, 2002
try looking for some help a little newer
thawte and verisign
here's one link
http://www.thawte.com/guides/apache3q03.html
-
Hi again!
Thanx for pointing me to a newer info...
I am trying to folow the steps in the .pdf file (that are linked to at the page refering to)
but allready at the first step i got into truble...
Here are the comand that i shoud write
“openssl genrsa –des3 1024 –out www.mydomain.com.key”
And it "runs" just fine, and arskes for a pass twice as described, but when it is finished and i type the "locate .key" the newly produced .key file is not listet, and when i tryes to run the next comand
“openssl req –new –key –out www.mydomain.com.csr”
i just get this error :
unknown option www.mydomain.com.csr
What im i douing wrong ?
-
Hi
I think you must buy a book about ssl & certificate
It will be easier for you to understand what's wrong after reading it ;)
Regards
Souley
-
If you are on 6.x go to /etc/httpd/conf and look at the @Makefile, it provides some more information, e.g. you see the output directories there.
-
I have done it on e-smith 6.0 and it worked using the directions
from thawte you can also look at freessl for a howto maybe
just buy a cert
YOU DON'T PUT THE WWW IN YOUR CERT
a cert is for a domain name domain.com server.net etc
you also didn't tell openssl where to put the cert it makes
openssl genrsa –des3 1024 –out /etc/mycert/domain.key
-
If you are on 6.x go to /etc/httpd/conf and look at the @Makefile, it provides some more information, e.g. you see the output directories there.
Okay, i have now used, the info prowided to me here... and now hawe a .key .csr .crt file, i have copyed the .key file to /home/e-smith/ssl.key/
and the .crt file to /home/e-smith/ssl.crt/
then i did a "httpd restart" and tryed to access the site i just createt the crt for, but still the certificate i got up in the dialog box, was the server's certificate.....
Did i miss somthing ?
-
The easiest way to get them to work is to rename the old cert files to something like key.old and the rename the new ones to the same name to old files use to be like key.txt
You can use midnight commander to do this very easy
-
The easiest way to get them to work is to rename the old cert files to something like key.old and the rename the new ones to the same name to old files use to be like key.txt
You can use midnight commander to do this very easy
If you don't use the same name for the new files you must edit the http.conf template