Posts tagged: ssl

CaCert – Open Source Certificates

CaCert provides a free service as a Root Certificate Authority (CA).

To use the service for generating free SSL certificates, you first need to join the community and sign-up for an account.

After you’ve activated the account, login,  go to the ‘Server Certificates’ section off the main menu, click on ‘New’ and follow the instructions.

Before you use the certificates on a web site, install the CACert root certificate in your browser. Use the ‘Class 1′ Root certificate in PEM format.  In Firefox, just click on the PEM link, and accept the security exception. This is the only time you should need to do this. Thereafter, any certificate signed by CaCert will be accepted as a legal certificate.

Note that you would have to do this with any CA root certificate, if a number of them did not come pre-installed in your browser. To see all of your certificates in Firefox, go to Preferences > Advanced > Encryption > View Certificates > Authorities and Preferences > Advanced > Encryption > View Certificates > Servers .

See also Installing an SSL Certificate on Apache 2 and How to generate a Certificate Signing Request (CSR) for related information.

Tags: , ,

categories Uncategorized | tracy | datetime October 27, 2009 5:56 am | comments Comments (1)

How to generate a Certificate Signing Request (CSR)

How to generate a Certificate Signing Request (CSR). There are useful references all over. A good one for web servers is Certificate Signing Request

The skinny (for *nix):

  • Make sure you have OpenSSL installed (OpenSSL home and OpenSSL installation instructions)
  • openssl genrsa -des3 -out domainname.key.crypt 1024
  • openssl rsa -in domainname.key.crypt -out domainname.key
  • openssl req -new -key domainname.key -out domainname.csr
  • Submit CSR to a Certificate Authority to get a Signed CSR and CA certificate chain back

See also Installing the Certificate in Apache 2 and CaCert – Open Source Certificates.

Tags: , ,

categories Uncategorized | tracy | datetime September 26, 2009 6:58 am | comments Comments (2)

Generate self-signed SSL certificate

How to create a self-signed SSL Certificate

Local copy of instructions

Tags: ,

categories Uncategorized | tracy | datetime December 11, 2008 12:43 pm | comments Comments (0)

Unencrypt an SSL certificate

This is the easiest way to remove a password from a key after it’s been generated with a key.

openssl rsa -in server.key.cryp -out server.key

Tags: , ,

categories Uncategorized | tracy | datetime December 2, 2008 8:41 pm | comments Comments (0)

Apache SSL Rewrite Rule

An Apache rewrite rule to force SSL on every request. Place in .htaccess in any directory where you want this to happen.

RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Tags: , , ,

categories Uncategorized | tracy | datetime November 29, 2008 5:20 pm | comments Comments (0)

WordPress Themes