Sihnon wiki

User Tools

Site Tools

You are here: start » startcom
startcom

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
startcom [2014/11/24 01:14] – created 0.0.0.0startcom [2014/11/24 02:11] (current) ben
Line 12: Line 12:
 ===== Startcom.org Certificates ===== ===== Startcom.org Certificates =====
 Generate the private key Generate the private key
-<source lang="bash">+<code bash>
 openssl genrsa -out domain.sihnon.net.key 1024 openssl genrsa -out domain.sihnon.net.key 1024
-</source>+</code>
  
 Generate the Certificate Signing Request Generate the Certificate Signing Request
-<source lang="bash">+<code bash>
 openssl req -new -key domain.sihnon.net.key -out domain.sihnon.net.csr openssl req -new -key domain.sihnon.net.key -out domain.sihnon.net.csr
-</source>+</code>
  
 Send the CSR to cacert.org, and cat the result into domain.sihnon.net.pem Send the CSR to cacert.org, and cat the result into domain.sihnon.net.pem
Line 27: Line 27:
 ===== Using certificates in apache ===== ===== Using certificates in apache =====
 Create a certificate bundle, which contains the Intermediate and Root CA certificates Create a certificate bundle, which contains the Intermediate and Root CA certificates
-<source lang="bash">+<code bash>
 cat sub.class2.server.startcom.crt startcom.crt > sub.class2.server.startcom.bundle.crt cat sub.class2.server.startcom.crt startcom.crt > sub.class2.server.startcom.bundle.crt
-</source>+</code>
  
 And configure apache to send the bundle along with the certificate And configure apache to send the bundle along with the certificate
-<source lang="apache">+<code apache>
 SSLEngine on SSLEngine on
 SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+EXP:+eNULL SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+EXP:+eNULL
Line 38: Line 38:
 SSLCertificateKeyFile /etc/apache2/ssl/$VHOST.sihnon.net.key SSLCertificateKeyFile /etc/apache2/ssl/$VHOST.sihnon.net.key
 SSLCertificateChainFile /etc/apache2/ssl/sub.class2.server.startcom.bundle.crt SSLCertificateChainFile /etc/apache2/ssl/sub.class2.server.startcom.bundle.crt
-</source>+</code>
  
 ==== Server Name Indication ==== ==== Server Name Indication ====
Line 44: Line 44:
  
 Compile apache with sni support Compile apache with sni support
-<source lang="bash">+<code bash>
     # echo "www-server/apache sni" >> /etc/portage/package.use     # echo "www-server/apache sni" >> /etc/portage/package.use
     # emerge apache -av     # emerge apache -av
-</source>+</code>
  
 Now, with very little effort, it is possible to set up multiple vhosts with SSL enabled as above and everything should Just Work&trade; Now, with very little effort, it is possible to set up multiple vhosts with SSL enabled as above and everything should Just Work&trade;
Line 53: Line 53:
 ===== Using certificates in postfix ===== ===== Using certificates in postfix =====
 Create the bundle as per the instructions for apache, above, and then configure postfix with the following options Create the bundle as per the instructions for apache, above, and then configure postfix with the following options
-<source lang="text">+<code text>
 smtpd_tls_key_file = /etc/ssl/smtp.sihnon.net.key smtpd_tls_key_file = /etc/ssl/smtp.sihnon.net.key
 smtpd_tls_cert_file = /etc/ssl/smtp.sihnon.net.crt smtpd_tls_cert_file = /etc/ssl/smtp.sihnon.net.crt
 smtpd_tls_CAfile = /etc/ssl/sub.class2.server.startcom.bundle.crt smtpd_tls_CAfile = /etc/ssl/sub.class2.server.startcom.bundle.crt
-</source>+</code>
  
 ===== Using certificates in courier-imap ===== ===== Using certificates in courier-imap =====
 Courier expects the key and the certificate in the same file, along with some Diffie-Hellman parameters Courier expects the key and the certificate in the same file, along with some Diffie-Hellman parameters
-<source lang="bash">+<code bash>
 cat domain.sihnon.net.key domain.sihnon.net.pem > domain.sihnon.net.courier.pem cat domain.sihnon.net.key domain.sihnon.net.pem > domain.sihnon.net.courier.pem
 openssl gendh >> domain.sihnon.net.courier.pem openssl gendh >> domain.sihnon.net.courier.pem
-</source>+</code>
  
 ===== Certificates issued by startcom ===== ===== Certificates issued by startcom =====
-These certificates and corresponding private keys are stored in <tt>/home/ben/secure</tt>.+These certificates and corresponding private keys are stored in ''/home/ben/secure''.
  
   * backups.sihnon.net (expires 2011-11-02)   * backups.sihnon.net (expires 2011-11-02)
startcom.1416791659.txt.gz · Last modified: by 0.0.0.0
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki