From owner-freebsd-questions@FreeBSD.ORG Mon Jul 14 06:35:07 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 343FC37B401 for ; Mon, 14 Jul 2003 06:35:07 -0700 (PDT) Received: from spxgate.servplex.com (ip66-105-58-82.z58-105-66.customer.algx.net [66.105.58.82]) by mx1.FreeBSD.org (Postfix) with ESMTP id D028943FEA for ; Mon, 14 Jul 2003 06:34:01 -0700 (PDT) (envelope-from peter@servplex.com) Received: from peter.servplex.com ([192.168.0.96]) by spxgate.servplex.com (8.12.8/8.12.6) with ESMTP id h6EDjfCe066532; Mon, 14 Jul 2003 08:45:42 -0500 (CDT) (envelope-from peter@servplex.com) Message-Id: <5.2.0.9.2.20030714083321.012001e0@mail.servplex.com> X-Sender: peter@mail.servplex.com X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9 Date: Mon, 14 Jul 2003 08:34:04 -0500 To: Mikko =?iso-8859-1?Q?Ty=F6l=E4j=E4rvi?= From: Peter Elsner In-Reply-To: <20030712173646.X32110@atlas.home> References: <20030713001401.M81814@enabled.com> <20030713001401.M81814@enabled.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed cc: freebsd-questions@FreeBSD.ORG Subject: Re: mod_ssl question: using my own CA? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2003 13:35:07 -0000 I couldn't find the sign.sh script either... I had nothing but problems with mod_ssl, then switched to Apache-SSL and all my problems went away. I had a secure server running in less than 30 minutes. Peter At 05:39 PM 7/12/2003 -0700, you wrote: >On Sat, 12 Jul 2003, admin wrote: > > > OS: FreeBSD 4.8 > > apache 1.3.27 > > modssl 2.8.14 > > > > goals: > > > > generate a server.crt file for apache > > generate a server.key file for apache > > I will be my own CA > > > > Hi, > > > > okay I am trying to find a way to overcome this most elusive and vague > > documentationt that I am finding on the modssl.org website. I am > completely > > confused by the documentation at this point. > > > > from: > > http://www.modssl.org/docs/2.7/ssl_faq.html#ToC29 > > "So a script named sign.sh is distributed with the mod_ssl distribution" > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > > > --- snip ---- > > 4. Now you can use this CA to sign server CSR's in order to create real SSL > > Certificates for use inside an Apache webserver (assuming you already > have a > > server.csr at hand): > > > > $ ./sign.sh server.csr > > > > This signs the server CSR and results in a server.crt file. > > > > shell# find / -name sign.sh > > % tar ztf mod_ssl-2.8.14-1.3.27.tar.gz | grep sign.sh > mod_ssl-2.8.14-1.3.27/pkg.contrib/sign.sh > > $.02, > /Mikko >_______________________________________________ >freebsd-questions@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" Anything below this line, is considered a signature line. If you do not know what a signature is within an email STOP here and do not read any further. Thank you. _________________________________________________________________________ Peter Elsner Vice President Of Customer Service (And System Administrator) 1835 S. Carrier Parkway Grand Prairie, Texas 75051 (972) 263-2080 - Voice (972) 263-2082 - Fax (972) 489-4838 - Cell Phone (425) 988-8061 - eFax I worry about my child and the Internet all the time, even though she's too young to have logged on yet. Here's what I worry about. I worry that 10 or 15 years from now, she will come to me and say "Daddy, where were you when they took freedom of the press away from the Internet?" -- Mike Godwin Unix IS user friendly... It's just selective about who its friends are. System Administration - It's a dirty job, but somebody said I had to do it. If you receive something that says 'Send this to everyone you know, pretend you don't know me. Standard $500/message proofreading fee applies for UCE. (NOTE: UCE is Unsolicited Commercial Email also known as SPAM or junk mail).