Posteet: ssl http://www.posteet.com/ Recent posteets posted to Posteet 60 Configurer un serveur local (sous Wamp) pour un accès en https (SSL) http://www.posteet.com/view/1351 Dans un premier temps, suivre le tutoriel qui figure à cette adresse : http://apache.developpez.com/cours/apache20-modssl-windows/ Regénérer la clé sans RSA (sinon message d'erreur "SSLPassPhraseDialog builtin is not supported on Win32") en ligne de commande (il faut d'abord faire une copie de la clé, ici : nom_du_serveur.key.org) : openssl rsa -in C:\"Program Files"\wamp\bin\apache\apache2.2.6\conf\ssl\nom_du_serveur.key.org -out C:\"Program Files"\wamp\bin\apache\apache2.2.6\conf\ssl\nom_du_serveur.key Voir http://www.entrust.net/knowledge-base/technote.cfm?tn=5634 pour les détails. Il faut paramétrer le VirtualHost du serveur concerné dans le fichier httpd-ssl.conf. En cas d'erreur, les logs se trouvent dans C:\Program Files\wamp\logs\apache_error.log [apache] [configuration] [https] [ssl] [wamp] [windows] ]]> cyo Mon, 03 Nov 2008 11:05:53 +0000 apache configuration https ssl wamp windows Enable SSL in apache2 on Debian Etch http://www.posteet.com/view/1037 # Enable ssl a2enmod ssl # Edit /etc/apache2/ports.conf and add "Listen 443" # Generate certs: use your domain as Common Name or *.domain.tld for multiple domains openssl req -x509 -nodes -days 365 -newkey rsa:1024 -out /etc/apache2/server.crt -keyout /etc/apache2/server.key # In the virtualhost, use the following code: <VirtualHost 192.168.0.1:443> SSLEngine On SSLCertificateFile /etc/apache2/server.crt SSLCertificateKeyFile /etc/apache2/server.key </VirtualHost> # Reload apache2 /etc/init.d/apache2 reload [apache2] [debian] [openssl] [ssl] [virtualhost] ]]> spirit Thu, 03 Jul 2008 19:46:21 +0000 apache2 debian openssl ssl virtualhost Convert a pkcs12 to pem (ca crt, crt, key) http://www.posteet.com/view/769 $ openssl pkcs12 -in pkcs12file.p12 -out pemfile.pem (by default, pkcs12 will ask for an import password, to decrypt the p12 file (just press Enter if you don't have a password), and finally a passphrase to encrypt your key) pemfile.pem now contains your CA certificate, your client certificate, and your (encrypted) key. [ssl] ]]> skanx Mon, 18 Feb 2008 12:26:05 +0000 ssl Quickly generate a self-signed SSL certificate for Apache http://www.posteet.com/view/648 openssl req -new -x509 -days 365 -nodes -out /etc/apache2/ssl/apache.pem -keyout /etc/apache2/ssl/apache.pem hint: to generate a wildcard certificate for multiple name-based virtualhosts, use *.domain.tld as the common name. [apache] [ssl] ]]> skanx Thu, 03 Jan 2008 15:22:21 +0000 apache ssl