02-10-2009
SSL key Apache
We are running Apache 1.3 on solaris 8 we have renewed our ssl key with verisign. They have confirmed renewel and new ssl certifcate is appended to the end of the email.
out apache config file has two directives
SSLCertificateFile /export/home/apache/conf/ssl.crt/xxxx.crt
SSLCertificationKeyFile /export/home/apache/conf/ssl.key/xxx.com.key
Can anyone please advise in which file I have to cut and paste the new certifcate
Are there any additional steps involved.
Thanks
10 More Discussions You Might Find Interesting
1. Solaris
Hi All,
I'm attempting to build Apache 1.3.27 on a new Solaris 9 system. I am using
following "Option 2" in the INSTALL of the mod_ssl-2.8.12-1.3.27, and I'm
stumped.
After I configure and make all the required components
the make of the Apache server itself stops at:
flex... (2 Replies)
Discussion started by: b_manu78
2 Replies
2. HP-UX
Hi there,
After setup my apache server, I have using mkcert.sh file to generate a SSL key. But when I tried to start my apache server it is prompted me to enter the pass phrase password, in fact I had entered the same correct password which I provided during the key generation and it give me the... (0 Replies)
Discussion started by: e_jeffhang
0 Replies
3. HP-UX
When everytime I start apache, it asks me to enter pass phrase, and I have to enter the pass phrase manually.
I would like to write a script to monitor the apache, such that it will check the apache status, if it is stopped, then start it automatically. However, the script fails since the pass... (1 Reply)
Discussion started by: alfredo
1 Replies
4. Web Development
I had to update the CA Trusted Chains on two different UNIX servers running Apache. After looking through some documentation, it said that after the new CA's were installed, I had to run the /usr/ccs/bin/make command in order to create the symbolic links for apache to recognize the certs. On the... (1 Reply)
Discussion started by: camerodity
1 Replies
5. UNIX for Dummies Questions & Answers
Hi everyone,
I have a quick/newb question:
I know that a public key is used to encrypt data and a private key is used to decrypt data but who keeps the public/private keys??
Does the Web Server hold both?
Does the Web Server have the public key and does the client have the private key? ... (3 Replies)
Discussion started by: tical00
3 Replies
6. Web Development
I have interesting problem.
https:/host/some/x.cgi
- this script has run twice when I call this url
But
http:/host/some/x.cgi
work fine, only once.
Output is text/plain.
If I change output format to the Content-type text/html,
then both urls works fine - executed only once. (2 Replies)
Discussion started by: kshji
2 Replies
7. Solaris
How do I generate an SSL string in solaris 10? (3 Replies)
Discussion started by: Kjons76
3 Replies
8. Shell Programming and Scripting
Hi,
I am trying to find the script which will ask for SSL Cert and Key file name/path. The output of both should be matched and compared. If the output are same than the script final output should be Certificate Matches and if it doesn't than Output don't match.
Is there any way we can create... (0 Replies)
Discussion started by: SachinD
0 Replies
9. Linux
Issue observed: I have configured ng.my-site.com using widlcard ssl cert. When I hit https://www.my-site.com it loads ng.my-site.com website!
please advise if I missed any concept / configs... Thank you!
httpd.conf
<VirtualHost *:80>
ServerName www.my-site.com
ServerAdmin... (0 Replies)
Discussion started by: ashokvpp
0 Replies
10. Linux
I have been given a test server (CentOS 6.6), as part of a job interview-with breaks in the system and to fix them. One of them was getting httpd to work.
This was the initial error I faced whenever I attempted to start httpd
root@ip-10-138-115-106 html]# service httpd start
Starting httpd:... (0 Replies)
Discussion started by: hedkandi
0 Replies
LEARN ABOUT DEBIAN
net::server::proto::ssl
Net::Server::Proto::SSL(3pm) User Contributed Perl Documentation Net::Server::Proto::SSL(3pm)
NAME
Net::Server::Proto::SSL - Net::Server SSL protocol.
SYNOPSIS
Until this release, it was preferrable to use the Net::Server::Proto::SSLEAY module. Recent versions include code that overcomes original
limitations.
See Net::Server::Proto. See Net::Server::Proto::SSLEAY.
use base qw(Net::Server::HTTP);
main->run(
proto => 'ssl',
SSL_key_file => "/path/to/my/file.key",
SSL_cert_file => "/path/to/my/file.crt",
);
# OR
sub SSL_key_file { "/path/to/my/file.key" }
sub SSL_cert_file { "/path/to/my/file.crt" }
main->run(proto = 'ssl');
# OR
main->run(
port => [443, 8443, "80/tcp"], # bind to two ssl ports and one tcp
proto => "ssl", # use ssl as the default
ipv => "*", # bind both IPv4 and IPv6 interfaces
SSL_key_file => "/path/to/my/file.key",
SSL_cert_file => "/path/to/my/file.crt",
);
# OR
main->run(port => [{
port => "443",
proto => "ssl",
# ipv => 4, # default - only do IPv4
SSL_key_file => "/path/to/my/file.key",
SSL_cert_file => "/path/to/my/file.crt",
}, {
port => "8443",
proto => "ssl",
ipv => "*", # IPv4 and IPv6
SSL_key_file => "/path/to/my/file2.key", # separate key
SSL_cert_file => "/path/to/my/file2.crt", # separate cert
SSL_foo => 1, # Any key prefixed with SSL_ passed as a port hashref
# key/value will automatically be passed to IO::Socket::SSL
}]);
DESCRIPTION
Protocol module for Net::Server based on IO::Socket::SSL. This module implements a secure socket layer over tcp (also known as SSL) via
the IO::Socket::SSL module. If this module does not work in your situation, please also consider using the SSLEAY protocol
(Net::Server::Proto::SSLEAY) which interfaces directly with Net::SSLeay. See Net::Server::Proto.
If you know that your server will only need IPv4 (which is the default for Net::Server), you can load IO::Socket::SSL in inet4 mode which
will prevent it from using Socket6 and IO::Socket::INET6 since they would represent additional and unsued overhead.
use IO::Socket::SSL qw(inet4);
use base qw(Net::Server::Fork);
__PACKAGE__->run(proto => "ssl");
PARAMETERS
In addition to the normal Net::Server parameters, any of the SSL parameters from IO::Socket::SSL may also be specified. See
IO::Socket::SSL for information on setting this up. All arguments prefixed with SSL_ will be passed to the IO::Socket::SSL->configure
method.
BUGS
Until version Net::Server version 2, Net::Server::Proto::SSL used the default IO::Socket::SSL::accept method. This old approach introduces
a DDOS vulnerability into the server, where the socket is accepted, but the parent server then has to block until the client negotiates the
SSL connection. This has now been overcome by overriding the accept method and accepting the SSL negotiation after the parent socket has
had the chance to go back to listening.
LICENCE
Distributed under the same terms as Net::Server
THANKS
Thanks to Vadim for pointing out the IO::Socket::SSL accept was returning objects blessed into the wrong class.
perl v5.14.2 2012-05-29 Net::Server::Proto::SSL(3pm)