On Sun, 7 May 2000, Doug Barton wrote:
# Ok, here are some silly questions. Did you create a private key for
# this server, did you encrypt your cert with it, and is that .key file
# pointed to in your httpd.conf config file? SSLCertificateKeyFile is what
# you're looking for. http://www.modssl.org/related/ has some really good
# resources for this, and their FAQ has step by step instructions for
# creating and testing keys and certs that may help you track down where
# in the process it's getting lost.
I did create a key for my server with the following command
ssh-keygen -f /etc/ssh/ssh_host_key
I didn't encrypt a cert with it. This is on a test box and
up until a few days ago the only steps I ever had to take
were to install one of the apache13-*ssl ports, crank up apache,
and it just worked. Of course this could be where I've gone
astray, as it appears this no longer works. :) I've been using
the 'Snake Oil' certs that come with these ports up until now,
since the box is behind a firewall and not in production yet.
# Also, did you install the openssl port, or are you using the openssl
# that is part of the base in 4.0+? I vaguely remember you saying that you
# were using the port. If so, cd to /usr/local/openssl and cp
# openssl.cnf.sample to openssl.cnf.
I'm not using the port. I'm using the bits that come with
-current (and 4.0 on another box). At Kris' suggestion I
did copy over an /etc/ssl/openssl.cnf file but that didn't
seem to help with the problem I'm having. :(
Thanks.
-steve
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
