Reply With QuoteAre you creating your own certificates or are you getting them from a company that specializes in creating them (aka Certificate Authority, CA) like Verisign?
SSl certificates!
Hello!
I have created different virtual hosts in apache.Now, i want to enable ssl for the host which require it.Please suggest me which certificate i should use?
Are you creating your own certificates or are you getting them from a company that specializes in creating them (aka Certificate Authority, CA) like Verisign?
Also depending on what kind of services you are going to be offering. For example, would you trust your bank to use their own certificate, which may or may not be the host you are trying to connect (man in the middle kind of thing)? If you absolutely need a host to be trusted by others, then it's a MUST to use CA offering such as Verisign.
But all you want is to offer a secure way of connecting to a host which required a SSL cert but no need to have verifiable credential (such as shopping cart on your site), then you can get away with using your own cert.
Thank you for your replies.I just want a secure way of connecting to the host.
Hello,
I am trying to implement SSl with apache webserver's virtual hosts.I don't want global SSL implementation.I just want to add this facility with the hosts who require it.Can anyone guide me how to do that?
I want to implement it just for security purpose, so if i'll create a certificate of my own.In that case how can i define that which certificate should be used by which host???
I was meaning to write in the PET section for SSL with Apache but never got around to it.
Here is my /etc/apache2/sites-enabled/mysite file.
Note the SSL cert file. That's where you define your SSL cert for any given site. You can have as many certs as you like as long as you define them in there. For security purposes, you should NEVER put your SSL cert in web directory.Code:NameVirtualHost *:80 <VirtualHost *:80> ServerName mysite.mydomain.com ServerAdmin compunuts@localhost DocumentRoot /var/www/mysite </VirtualHost> NameVirtualHost *:443 <VirtualHost *:443> ServerName mysite.mydomain.com ServerAdmin compunuts@localhost SSLEngine On SSLCertificateFile /etc/apache2/ssl/mysite.pem DocumentRoot /var/www/mysite <Directory /var/www/mysite/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> </virtualhost>
Also note that this is a very basic SSL setting. I have some other password log ins, log level settings and stuff but you do not need those if you are not using it.
HTH ....
Thank you for your reply.The information you gave is quite helpful.I had to add the following things to it and it worked.Do you have any idea why i needed these all?
Another thing that i wanted to ask is that i followed the following link to create my own certificates:Code:<VirtualHost *:443> ServerName mysite.mydomain.com ServerAdmin compunuts@localhost SSLEngine On SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP SSLCertificateFile /etc/apache2/ssl.crt/mysite.pem SSLCertificateKeyFile /etc/apache2/ssl.key/mysite.pem DocumentRoot /var/www/mysite <Files ~ "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars </Files> <Directory "/var/www/cgi-bin"> SSLOptions +StdEnvVars </Directory> SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" <Directory /var/www/mysite/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> </virtualhost>
http://www.flatmtn.com/computer/Linu...tesApache.html
Here, i have to create a root certificate, why i need it?.The new certificates we create are based on root certificate?.I am feeling very confused about it.
Hello!
If i don't want to create my own certificate then from where i can get the free certificates for a secure login and what will be the steps in that case.
I also wanted to ask one more thing i.e. that i have OPenSSL already configured to Apache and by default i have cacert.pem , localhost.key and localhost.crt.So, in this case localhost.crt can be used as root certificate or not?
Regards!
Posting Permissions
Bookmarks