Get flash to fully experience Pearltrees
Introduction This document is intended to be a quick guide to generating and installing an SSL certificate on an Apache web server with the mod_ssl module. While this is not an overly difficult process, it does involve running several long commands with numerous options.
Several files related to your your SSL certificate will be created in this section, so choose a common base name to use. In my examples I use " blarg ", which I've italicised to show it should be replaced by your choice. In practice, I recommend extracting the essence from your domain name; for example, if I was creating a certificate for https://www.neilstuff.com/ then I'd use " neilstuff ".
A certificate is a digitally signed statement from one entity (person, company, etc.), saying that the public key (and some other information) of some other entity has a particular value. (See Certificates .) When data is digitally signed, the signature can be verified to check the data integrity and authenticity.
SSL ( Secure Sockets Layer ) certificates are perhaps the most common way to protect information being transmitted between a visitor Web browser and your Web site. SSL provides encryption services to information flowing between systems and can protect Web traffic, e-mail, instant messages and a host of other kinds of data transmittals. I’m not going to go into great detail about the inner workings of SSL except to say that it is a critical infrastructure component for any organization that has a desire to protect customer or other confidential information. SSL is widely used by banks, e-commerce companies, and other Web entities that require transmission of sensitive information, such as passwords, social security numbers, etc. I will show you how to obtain and install a third-party SSL certificate into Microsoft Internet Information Server 7.0 ( IIS 7 ) running on Windows Server 2008. I am running the RC0 version of Windows Server 2008 .
Shining Light Productions' Technical Support is highly acclaimed by many as the best in the software industry. The reason? You get to talk to the original/current developer of the product one-on-one...this means that there is no annoying third party using scripted responses.
To generate a CSR, a key pair must be created for the server. These two items are a digital certificate key pair and cannot be separated. If the public/private key file or password is lost or changed before the SSL certificate is installed, the SSL certificate will need to be re-issued.
The wise man doesn't give the right answers, he poses the right questions. -- Claude Levi-Strauss This chapter is a collection of frequently asked questions (FAQ) and corresponding answers following the popular USENET tradition. Most of these questions occurred on the Newsgroup comp.infosystems.www.servers.unix or the mod_ssl Support Mailing List firstname.lastname@example.org . They are collected at this place to avoid answering the same questions over and over. Please read this chapter at least once when installing mod_ssl or at least search for your problem here before submitting a problem report to the author.
using openssl using keytool (included in recent Sun java reference implementations) openssl generate a new private key and matching Certificate Signing Request (eg to send to a commercial CA) openssl req -out MYCSR .csr -pubkey -new -keyout MYKEY .key