Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Write your own SSL Cert!

  • 19-10-2005 2:18pm
    #1
    Registered Users, Registered Users 2 Posts: 3,514 ✭✭✭


    Hi guys, i'm in the middle of setting up a webserver from home. The server itself is Apache.

    I would like to create my own ssl cert for the server. Has anybody here written their own certs or do you know of any online resources for ssl. So far i have browsed thru :

    www.openssl.org
    www.cacert.org &
    www.startcom.org

    I would like to hear from boards members if they have attempted to do something similiar, and how they got on?


Comments

  • Registered Users, Registered Users 2 Posts: 3,160 ✭✭✭oneweb


    Apache Tomcat has a tool that can generate keys.

    Check out
    http://tomcat.apache.org/tomcat-3.2-doc/tomcat-ssl-howto.html


    Worked very well for me :)

    It is what it's.



  • Registered Users, Registered Users 2 Posts: 3,514 ✭✭✭Rollo Tamasi


    it seems to be well documented! Nice! The server i'm using is Ubuntu (if that makes any difference?)


  • Closed Accounts Posts: 2,046 ✭✭✭democrates


    I've done that before for an in-house system and oh boy what trouble we had.

    All users got the warning window where we needed them to accept the new cert as valid (this happens because it wasn't one of those shipping with browsers or linked to them via CA's), not a big problem you'd think as we explicitly flagged it on the site announcement but, users!


  • Closed Accounts Posts: 1,502 ✭✭✭MrPinK


    OpenSSL has a howto for creating self-signed certs

    http://www.openssl.org/docs/HOWTO/certificates.txt


  • Registered Users, Registered Users 2 Posts: 687 ✭✭✭sector


    it's not so much that you create your own cert as you generate a CR (Certifcate Request) from within you web server, ideally you post this to a CA (Certificate Authority) who is already recognised & is popular (so that they are already a trusted root CA within your given browser), then they issue you with the cert (for a fee of course) and you then register this on your web server.

    so that's the general idea but if your just say doing a private system or something that's not being accessed by the general public but on the net for example, then you can most likely install your own private CA, send the CR to yourself (ha!) and issue your webserver with a cert, the trick here is to add your own CA into the trusted root CA's of any browser that is accessing the site, that way no nasty errors.

    if ya need some code for doing this let me know but i'm sure you'll find a way.

    hope this is of some help :)


  • Advertisement
Advertisement