SSL
Moderator: General Moderators
-
php_wiz_kid
- Forum Contributor
- Posts: 181
- Joined: Tue Jun 24, 2003 7:33 pm
SSL
Ok everybody. I got OpenSSL to run localy on my computer just to test it out. So now I can create my own certificates to test with, which is nice because I'm broke. Now, I was able to create a test certificate, and as I was looking through other sites' certificates, which I have on my computer, I saw that they had a lot more options, like they used V3 and my certificate is V1. When I issue a certificate the issuer and the isuee are the same. It also says that my certificate name is invalid or the certificate is not the same as the site name. How do I fix this? I know this might be out of place, but you guys have always been able to help. Thanks.
- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK
-
php_wiz_kid
- Forum Contributor
- Posts: 181
- Joined: Tue Jun 24, 2003 7:33 pm
No, I didn't use the CA.pl. I don't know how to use it. I just got it working after many long hours of trying to get it to work on a windows machine. So I'm not exactly sure what I'm doing. I created a couple BAT files to create my test certificate so I wouldn't have to do it through the command line. So, if you could tell me how to use the CA.pl that would be great.
the documentation is at http://www.openssl.org/docs/apps/CA.pl.html
you need perl for this script. There are some free implementations for win32.
e.g. http://www.activestate.com/Products/Dow ... ActivePerl or http://www.cygwin.com/
you need perl for this script. There are some free implementations for win32.
e.g. http://www.activestate.com/Products/Dow ... ActivePerl or http://www.cygwin.com/
-
php_wiz_kid
- Forum Contributor
- Posts: 181
- Joined: Tue Jun 24, 2003 7:33 pm
- d-m
- Forum Commoner
- Posts: 31
- Joined: Fri Aug 29, 2003 4:24 pm
- Location: Rio de Janeiro - RJ - Brasil
Making certificate SSL
Its easy, when you compile the apache with mod_ssl you can generate your certificate .. its the best way. Do like thise:
when you do make certificate TYPE=custom you are gonna make your certificate
--- APACHE ---
cd ../mod_ssl-2.8.10-1.3.28
./configure --enable-module=so --with-apache=../apache_1.3.28 --with-ssl=../openssl-0.9.7
cd ../apache_1.3.28/
make
make certificate TYPE=custom
make install
--- END APACHE ---
PS: CRIPT the CA.key
DO NOT CRYPT server.key
-- PHP --
cd ../php-4.3.3
./configure --with-apxs=/usr/local/apache/bin/apxs --with-pgsql --with-mysql --with-zip=/usr/local/lib
make
make install
-- END PHP ---
make sure you got the apache, mod_ssl and php decompressed at /usr/scr and enters at apache to start the process
when you do make certificate TYPE=custom you are gonna make your certificate
--- APACHE ---
cd ../mod_ssl-2.8.10-1.3.28
./configure --enable-module=so --with-apache=../apache_1.3.28 --with-ssl=../openssl-0.9.7
cd ../apache_1.3.28/
make
make certificate TYPE=custom
make install
--- END APACHE ---
PS: CRIPT the CA.key
DO NOT CRYPT server.key
-- PHP --
cd ../php-4.3.3
./configure --with-apxs=/usr/local/apache/bin/apxs --with-pgsql --with-mysql --with-zip=/usr/local/lib
make
make install
-- END PHP ---
make sure you got the apache, mod_ssl and php decompressed at /usr/scr and enters at apache to start the process