From owner-freebsd-questions@FreeBSD.ORG Fri Jan 2 10:47:09 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1897216A4CE for ; Fri, 2 Jan 2004 10:47:09 -0800 (PST) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 57DF643D4C for ; Fri, 2 Jan 2004 10:46:54 -0800 (PST) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [127.0.0.1]) i02Ikawd032536 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 2 Jan 2004 18:46:36 GMT (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost)id i02IkZYD032535; Fri, 2 Jan 2004 18:46:36 GMT (envelope-from matthew) Date: Fri, 2 Jan 2004 18:46:35 +0000 From: Matthew Seaman To: Marius Kirschner Message-ID: <20040102184635.GA32364@happy-idiot-talk.infracaninophile.co.uk> Mail-Followup-To: Matthew Seaman , Marius Kirschner , 'FreeBSD Questions' References: <20040102172012.GA31343@happy-idiot-talk.infracaninophile.co.uk> <200401021809.i02I9Jwd032171@smtp.infracaninophile.co.uk> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="NzB8fVQJ5HfG6fxh" Content-Disposition: inline In-Reply-To: <200401021809.i02I9Jwd032171@smtp.infracaninophile.co.uk> User-Agent: Mutt/1.5.5.1i X-Spam-Status: No, hits=-4.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=2.61 X-Spam-Checker-Version: SpamAssassin 2.61 (1.212.2.1-2003-12-09-exp) on happy-idiot-talk.infracaninophile.co.uk cc: 'FreeBSD Questions' Subject: Re: Changing Apache X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Jan 2004 18:47:09 -0000 --NzB8fVQJ5HfG6fxh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jan 02, 2004 at 01:09:17PM -0500, Marius Kirschner wrote: > Thanks, Matthew, much appreciated. I assume I'll be able to use my curre= nt > httpd.conf file, but just rename it to httpsd.conf? =20 No, it's still called httpd.conf. There's a whole passel of extra configuration stuff to do with enabling SSL -- take a look at the default httpd.conf that gets installed by the apache13-modssl port. =20 > Also, if I get a certificate for www.whatever.com will I be able to refer= to > it via http:// and https://? Well, ish. When you compile the port, you will be given the option to generate several flavours of test key. These will permit the HTTPS server to work, but visitors will get pop-ups all the time warning that your site isn't trusted. You will have to generate a .csr (Certificate Signing Request) and send it off to one of the CAs to get it signed by a recognised key, and then everything will work smoothly. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK --NzB8fVQJ5HfG6fxh Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQE/9byLdtESqEQa7a0RAnIhAJ9E4e9ib6Wg7ogOt9WQJy/TGtrs1ACdGqY3 qb8YL0uqFc5qF5zfLlxpcE4= =dcRb -----END PGP SIGNATURE----- --NzB8fVQJ5HfG6fxh--