SSL

XML, Perl, Python, and other languages can be discussed here, even if it isn't PHP (We might forgive you).

Moderator: General Moderators

Post Reply
php_wiz_kid
Forum Contributor
Posts: 181
Joined: Tue Jun 24, 2003 7:33 pm

SSL

Post by php_wiz_kid »

Ok everybody. I got OpenSSL to run localy on my computer just to test it out. So now I can create my own certificates to test with, which is nice because I'm broke. Now, I was able to create a test certificate, and as I was looking through other sites' certificates, which I have on my computer, I saw that they had a lot more options, like they used V3 and my certificate is V1. When I issue a certificate the issuer and the isuee are the same. It also says that my certificate name is invalid or the certificate is not the same as the site name. How do I fix this? I know this might be out of place, but you guys have always been able to help. Thanks.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

did you use CA.pl and its openssl.cnf as provided by openSSL?
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

Moved to the Miscellaneous forum - please try and post in the forum which is most relevant for the question.

Mac
php_wiz_kid
Forum Contributor
Posts: 181
Joined: Tue Jun 24, 2003 7:33 pm

Post by php_wiz_kid »

No, I didn't use the CA.pl. I don't know how to use it. I just got it working after many long hours of trying to get it to work on a windows machine. So I'm not exactly sure what I'm doing. I created a couple BAT files to create my test certificate so I wouldn't have to do it through the command line. So, if you could tell me how to use the CA.pl that would be great.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

the documentation is at http://www.openssl.org/docs/apps/CA.pl.html
you need perl for this script. There are some free implementations for win32.
e.g. http://www.activestate.com/Products/Dow ... ActivePerl or http://www.cygwin.com/
php_wiz_kid
Forum Contributor
Posts: 181
Joined: Tue Jun 24, 2003 7:33 pm

Post by php_wiz_kid »

Thanks for the help. I just bought a book about OpenSSL from Amazon and I should expect it in the next few days. This will probably answer all my questions. Thanks for your help volka, I really appriciate it.
User avatar
d-m
Forum Commoner
Posts: 31
Joined: Fri Aug 29, 2003 4:24 pm
Location: Rio de Janeiro - RJ - Brasil

Making certificate SSL

Post by d-m »

Its easy, when you compile the apache with mod_ssl you can generate your certificate .. its the best way. Do like thise:

when you do make certificate TYPE=custom you are gonna make your certificate :)

--- APACHE ---
cd ../mod_ssl-2.8.10-1.3.28

./configure --enable-module=so --with-apache=../apache_1.3.28 --with-ssl=../openssl-0.9.7
cd ../apache_1.3.28/
make
make certificate TYPE=custom
make install
--- END APACHE ---

PS: CRIPT the CA.key
DO NOT CRYPT server.key

-- PHP --
cd ../php-4.3.3
./configure --with-apxs=/usr/local/apache/bin/apxs --with-pgsql --with-mysql --with-zip=/usr/local/lib
make
make install
-- END PHP ---

make sure you got the apache, mod_ssl and php decompressed at /usr/scr and enters at apache to start the process :)
Post Reply