+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Contributions Area (/forum-40.html)
+--- Forum: Howtos (/forum-41.html)
+--- Thread: [HowTo] Create your own SSL CA and secure multiple services (/thread-1347.html)
RE: [HowTo] Create your own SSL CA and secure multiple services - rsmithgs - 04-03-2008 04:59 AM
http://www.cacert.org/
Dont quite know how reconised the certificates are though.
Think some dedicated server providers do free SSL certs with packages. But they have to remain with that server.
RE: [HowTo] Create your own SSL CA and secure multiple services - DaSilva - 04-03-2008 06:01 AM
This cacert gives me a free certificate after the successful test or what?
RE: [HowTo] Create your own SSL CA and secure multiple services - rsmithgs - 04-03-2008 06:20 AM
Dunno.
I would try and check to see what percentage of browsers will see the certificate as a valid one. Otherwise your back to square one.
Edit : Found this on the site
(*) Please note a general limitation is that, unlike long-time players like Verisign, CAcert's root certificate is not included by default in mainstream browsers, email clients, etc. This means people to whom you send encrypted email, or users who visit your SSL-enabled web server, will first have to import CAcert's root certificate, or they will have to agree to pop-up security warnings (which may look a little scary to non-techy users).
Which would be the same for your self signed certificates.
Though by spreading CAcerts instead of your self signed ones you are helping the spread of the CAcert Root certificate
RE: [HowTo] Create your own SSL CA and secure multiple services - DaSilva - 04-04-2008 06:49 PM
I know have a certificate from StartSSL but I don't know how to implement it to my server because I only have a *.crt , a *.csr and a *.key file but no *.pem .
How can I use this now?
Thanks.
RE: [HowTo] Create your own SSL CA and secure multiple services - rsmithgs - 04-04-2008 07:06 PM
DaSilva Wrote:I know have a certificate from StartSSL but I don't know how to implement it to my server because I only have a *.crt , a *.csr and a *.key file but no *.pem .
How can I use this now?
Thanks.
I think you can copy your *.crt and rename the copy *.pem
RE: [HowTo] Create your own SSL CA and secure multiple services - Cube - 04-04-2008 08:14 PM
But StartSSL is not trusted as well as far as I see.
RE: [HowTo] Create your own SSL CA and secure multiple services - rsmithgs - 04-04-2008 08:46 PM
Cube Wrote:But StartSSL is not trusted as well as far as I see.
That does look like the case.
If you do not want the certificate errors to appear in the web browser and are looking to get a certificate for free you will need to get the clients to install your certificate on the PC they are using. TO get a reconised certificate you will need to pay money.
RE: [HowTo] Create your own SSL CA and secure multiple services - fulltilt - 05-20-2008 03:28 AM
error by certificate generation
if i use:
Code:
openssl genrsa -out apache.key.pem -rand private/.rand 2048
openssl req -new -key apache.key.pem -out apache.req.pem
openssl ca -name RootCA -in apache.req.pem -out apache.cert.pemi get this error in last step openssl ca:
Code:
Using configuration from /usr/lib/ssl/openssl.cnf
variable lookup failed for RootCA::private_key
21745:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=RootCA name=private_keyRE: [HowTo] Create your own SSL CA and secure multiple services - thibotus01 - 08-01-2009 08:12 PM
This error is still unsolved? I got the same......
RE: [HowTo] Create your own SSL CA and secure multiple services - MasterTH - 08-02-2009 04:49 AM
i used the script several times.
may u forget something in the howto??