Setting up a certificate authority

2005 Aug 29 at 21:03

Having had yet another run-in with Apache SSL (mod_ssl) and being very disappointed with the service of Thawte, I decided to have a go at setting up a certificate authority.

Setting up a CA doesn't really serve any purpose because no one is going to bother to install my cacert into their browser, but there isn't always a purpose to everything that a geek does. Besides, a friend of mine, a cryptography specialist, had thrown me a challenge to set one up (this is a separate development).

As usual, being a Fedora user, I was at a disadvantage. The openssl installation on the system by Red Face does not include the CA.pl (or CA.sh) script. And it does not include the sign.sh script. Not having these scripts means you need to do a hell of a lot of typing. Fortunately, I could dig up a copy of sign.sh with a little googling and decided to make do without CA.pl.
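For a sense of what that typing amounts to, here is an added example (not part of the original post, and not the CA.pl or sign.sh scripts) that builds a throwaway root CA and signs one server certificate with plain openssl commands, using `openssl x509 -req` for the signing step. The function name, host name, subject names, lifetimes and file names are constructed, and an openssl binary on the PATH is assumed.

```shell
#!/bin/sh
# Added example: throwaway root CA plus one signed server certificate.
# build_ca_and_sign is a hypothetical helper; all names are constructed.

build_ca_and_sign() {
    dir=$1      # working directory for keys and certificates
    host=$2     # DNS name for the server certificate
    (
        umask 077                       # private keys readable by owner only
        cd "$dir" || exit 1

        # Minimal config so the result does not depend on the system openssl.cnf.
        cat > ca.cnf <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Example Test Root CA
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
subjectKeyIdentifier = hash
EOF
        # Leaf extensions: not a CA, host name carried in subjectAltName.
        printf 'basicConstraints=CA:FALSE\nsubjectAltName=DNS:%s\n' "$host" > server.ext

        # 1. Root key and self-signed root certificate.
        openssl genrsa -out ca.key 2048 2>/dev/null &&
        openssl req -x509 -new -config ca.cnf -key ca.key -sha256 -days 3650 -out ca.crt &&
        # 2. Server key and certificate signing request.
        openssl genrsa -out server.key 2048 2>/dev/null &&
        openssl req -new -config ca.cnf -key server.key -subj "/CN=$host" -out server.csr &&
        # 3. Sign the request with the root key; ca.srl tracks serial numbers.
        openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial \
            -sha256 -days 365 -extfile server.ext -out server.crt 2>/dev/null &&
        # 4. Confirm the server certificate chains to the root.
        openssl verify -CAfile ca.crt server.crt >/dev/null
    )
}

demo_dir=$(mktemp -d)
if build_ca_and_sign "$demo_dir" www.example.test; then
    echo "chain verifies; files are in $demo_dir"
fi
```

The function returns non-zero if any step fails, so a broken chain shows up here rather than in the browser.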

Even without CA.pl, creating a root certificate is straightforward, and how to do so is well documented in the Apache SSL guide. So I should be signing off now, but as often happens, what works on the local server does not work on the production server. Whenever the https URL is accessed, all you see is that famous message: