How to attach OpenSSL certificate to a website - Security

This is a discussion on How to attach OpenSSL certificate to a website - Security ; Hi to all, This is my first mail to this group. I am currently working on an assignment in wihch "I have to attach digital signature certified my certificate authority to a local site (e.g: www.xyz.com ) running on my ...

+ Reply to Thread
Results 1 to 8 of 8

Thread: How to attach OpenSSL certificate to a website

  1. How to attach OpenSSL certificate to a website

    Hi to all,
    This is my first mail to this group. I am currently working
    on an assignment in wihch "I have to attach digital signature certified
    my certificate authority to a local site (e.g:www.xyz.com) running on
    my linux system.
    Here my system should act as Certified Authority, Apache web
    server and DNS server. I have sucessfully created a certificate by
    executing the following commands.

    # mkdir CA
    # cd CA
    # mkdir newcerts private
    # echo '01' >serial
    # touch index.txt
    # openssl req -new -x509 -extensions v3_ca -keyout private/cakey.pem \
    -out cacert.pem -days 365 -config ./openssl.cnf
    # openssl req -new -nodes -out req.pem -config ./openssl.cnf
    # openssl ca -out cert.pem -config ./openssl.cnf -infiles req.pem

    During executing these commands I wrote my own configuration file
    openssl.cnf.
    This creates a certificate with name cert.pem.

    The next step where I got stuck is to make my system a web
    server (apache) and a DNS server. So that I can attach the certificate
    to the site I have made the certificate for. For this there is need for
    adding some directives to httpd.conf file i.e adding a virtual host. In
    simple words "how to make my system a web server and a DNS server"

    Any help regarding this will be appreciated.

    regards,
    WASEEM


  2. Re: How to attach OpenSSL certificate to a website

    On Thu, 02 Mar 2006 23:32:32 -0500, Waseem wrote:

    > Hi to all,
    > This is my first mail to this group. I am currently working
    > on an assignment in wihch "I have to attach digital signature certified
    > my certificate authority to a local site (e.g:www.xyz.com) running on
    > my linux system.
    > Here my system should act as Certified Authority, Apache web
    > server and DNS server. I have sucessfully created a certificate by
    > executing the following commands.
    >
    > # mkdir CA
    > # cd CA
    > # mkdir newcerts private
    > # echo '01' >serial
    > # touch index.txt
    > # openssl req -new -x509 -extensions v3_ca -keyout private/cakey.pem \
    > -out cacert.pem -days 365 -config ./openssl.cnf
    > # openssl req -new -nodes -out req.pem -config ./openssl.cnf
    > # openssl ca -out cert.pem -config ./openssl.cnf -infiles req.pem
    >
    > During executing these commands I wrote my own configuration file
    > openssl.cnf.
    > This creates a certificate with name cert.pem.
    >
    > The next step where I got stuck is to make my system a web
    > server (apache) and a DNS server. So that I can attach the certificate
    > to the site I have made the certificate for. For this there is need for
    > adding some directives to httpd.conf file i.e adding a virtual host. In
    > simple words "how to make my system a web server and a DNS server"


    Certificates come from certified authorities, they don't make you one.
    They are not required to make your system a webserver or a dns server.
    DNS doesn't use certificates. Read the bind/named man page for how to
    set it up.
    http doesn't use certificates. https does. Read the apache manual for how
    to install an ssl certificate for https.

  3. Re: How to attach OpenSSL certificate to a website

    "Joe Beanfish" (06-03-03 13:53:57):

    > DNS doesn't use certificates. Read the bind/named man page for how to
    > set it up.


    BIND supports "secure" DNS, which, in fact, does use certificates.


    Regards.

  4. Re: How to attach OpenSSL certificate to a website

    "Waseem" écrivait news:1141360352.506393.110960
    @u72g2000cwu.googlegroups.com:

    > Here my system should act as Certified Authority, Apache web
    > server and DNS server. I have sucessfully created a certificate by
    > executing the following commands.
    >
    > ...


    So, for the web serveur (apache), add the following directive and virtual
    host (example) :


    Listen 443



    ServerName www.babylon.fr.eu.org
    ServerAdmin webmaster@babylon.fr.eu.org

    DocumentRoot /home/public/www/www.babylon.fr.eu.org/htdocs
    ScriptAlias /cgi-bin/ /home/public/www/www.babylon.fr.eu.org/cgi-bin/

    ErrorLog /var/log/apache2/babylon.fr.eu.org-error.log
    CustomLog /var/log/apache2/babylon.fr.eu.org-access.log common

    SSLEngine On
    SSLCertificateFile /etc/apache2/ssl/apache.pem




    where 443 is the standard HTTPS port, and /etc/apache2/ssl/apache.pem is
    your RAS private key/certificate file.

    The two directive SSLEngine and SSLCertificateFile are the SSL importante
    one. Of course you should have SSL support enabled on your apache web
    serveur.

    If you want to auto start the web serveur you should set a blank
    passphrase to the certificate private ke.


    Regards

  5. Re: How to attach OpenSSL certificate to a website

    I dint mean Web server or DNS server uses certificates. In order to
    test it I have to make my system a webserver and DNS server so that I
    can attach the certificate to local website I have to prepare.
    If I open this website from different host (172.16.3.55) it should
    fetch the page from this webserver (172.16.3.50) for which it has to be
    DNS server too.
    For this I have to add a virtual host to the webserver (in httpd.conf),
    in that virtual host section is there where I should also add ssl
    directives so as to add the certificate I have prepared.
    The result should be like when access this particular website I should
    able to see the certificate also.


  6. Re: How to attach OpenSSL certificate to a website

    I dint mean Web server or DNS server uses certificates. In order to
    test it I have to make my system a webserver and DNS server so that I
    can attach the certificate to local website I have to prepare.
    If I open this website from different host (172.16.3.55) it should
    fetch the page from this webserver (172.16.3.50) for which it has to be
    DNS server too.
    For this I have to add a virtual host to the webserver (in httpd.conf),
    in that virtual host section is there where I should also add ssl
    directives so as to add the certificate I have prepared.
    The result should be like when access this particular website I should
    able to see the certificate also.


  7. Re: How to attach OpenSSL certificate to a website

    "Waseem" (06-03-05 21:11:47):

    > I dint mean Web server or DNS server uses certificates. In order to
    > test it I have to make my system a webserver and DNS server so that I
    > can attach the certificate to local website I have to prepare. If I
    > open this website from different host (172.16.3.55) it should fetch
    > the page from this webserver (172.16.3.50) for which it has to be DNS
    > server too.
    > For this I have to add a virtual host to the webserver (in
    > httpd.conf), in that virtual host section is there where I should also
    > add ssl directives so as to add the certificate I have prepared. The
    > result should be like when access this particular website I should
    > able to see the certificate also.


    Then you are in the wrong newsgroup here (comp.os.linux.security). We
    don't deal with configuring webservers or DNS servers. We deal with
    Linux security. You will want to read the Apache and BIND
    documentations.

    Regards.

  8. Re: How to attach OpenSSL certificate to a website


+ Reply to Thread