ssl certificate server

ssl certificate server

Post by Diana Bloc » Thu, 25 May 2000 04:00:00



Hello,

hope, there is somebody, who will help me.

I want to setup a certificate server with linux, which should be an
autorative server to give certificates to some of my other domains.
Some of this domains are running under Microsoft IIS, others under Apache.

Can somebody give me some statements, what I need and what to do?
I have no experience in this area.

--

Mit freundlichem Gru? aus Sankt Augustin
Diana Block

ChemSoft GmbH
Market-Services
Postanschrift: Am Otenberg 17a, 53757 Sankt Augustin
Technik und Service: TechnoPark der GMD, Rathausallee 10
Telefon 02241/334691 - Fax 02241/334692 - http://www.chemsoft.de

 
 
 

ssl certificate server

Post by Andreas Biener » Thu, 25 May 2000 04:00:00


Quote:> Can somebody give me some statements, what I need and what to do?
> I have no experience in this area.

Wrde ich ja gerne tun. Aber Cross-Postings und englisch-sprachige in
dt.-sprachigen Newsgroups sind irgendwie nicht mein Ding!

Gru?
Andreas

 
 
 

ssl certificate server

Post by Paul Rub » Fri, 26 May 2000 04:00:00



>hope, there is somebody, who will help me.

>I want to setup a certificate server with linux, which should be an
>autorative server to give certificates to some of my other domains.
>Some of this domains are running under Microsoft IIS, others under Apache.

>Can somebody give me some statements, what I need and what to do?
>I have no experience in this area.

If you mean web server certificates that standard web browsers can read,
you have to get the certs signed by a CA that the browsers recognize.
Yon can do this (for example) through Verisign OnSite.  See www.verisign.com
for more info.  Thawte (now owned by Verisign) has something similar.

Equifax (http://www.equifaxsecure.com) is also trying to enter this
market so you might get in contact with them.

You can't just issue your own certificates and have the browsers
recognize them, unless you first install your signing root into the
browsers.  If your users are all within your company or something like
that, you can ask them to load the signing root (visit a certain URL
on your server and click "yes" to some security dialogs).  There is
some info in the mod_ssl docs (www.modssl.org) about how to set up a
private CA, if that's what you want to do.

If the servers are for public use (e.g. for e-commerce), generally
that method is not workable and you have to pay for public CA-issued
certs.

 
 
 

1. Old machine Tomcat+SSL, new machine Apache+SSL - new certificates needed?

A new customer of ours uses Tomcat+SSL on their current machine.
I've set up a new machine for them using Apache+SSL, however I'm
unclear about migrating certificates.  Is that possible or do I have to
go back to the CA and generate a new set?  I don't see anything like
server.crt and server.key in their Tomcat+SSL setup.  It has .csr and
.cer files.

Thx,

Skip Montanaro

2. 3Com Etherlink 3C905C - does not detect

3. Can't convert my netscape ssl certificate for use with Apache-SSL

4. 3480 tapes and dd command

5. Apache-SSL and problems with SSL certificate

6. unable to switch user

7. New SSL certificate for existing server

8. RCP Suse Linex-->Solaris 5.8

9. Geotrust SSL certificates on Cobalt RAQ servers

10. Apache-SSL: Multiple Certificates With Virtual Servers?

11. SSL certificates on Apache Virtual Servers

12. Server Certificates (SSL) Pricing

13. 2 ssl certificates for 2 VirtualHost on one Apache web server