Thanks, that worked fine.
On Thu, 02 Jul 1998 17:25:14 +0100 Adam Laurie <adam@algroup.co.uk>
wrote:
> Darn. One day I'll learn to read the *whole* message before replying...
> :)
>
> OK, if you're trying to get your shiny new cert to work with apache-ssl,
> all you need to do is add the following to your config:
>
> SSLCertificateFile /path/to/your/new.verisign.cert
> SSLCertificateKeyFile /path/to/your/key.that.you.signed.the.request.with
>
> and possibly (depending on what version you're running):
>
> SSLCACertificateFile /a/dummy/entry/because/of/a/bug/in/1.17
>
> cheers,
> Adam
>
>
> Adam Laurie wrote:
> >
> > if you want to examine the cert, use:
> >
> > ssleay x509 -text -in your.cert
> >
> > If you want to generate a linked hash, do:
> >
> > ln -s your.cert `ssleay x509 -noout -hash < your.cert`.0
> >
> > cheers,
> > Adam
> >
> > Todd B. Acheson wrote:
> > >
> > > I am attempting to get a verisign certificate.
> > >
> > > I received instructions (included below) from verisgin and I generated
> > > a CSR and received a certificate.
> > >
> > > However I cannot find the "getca" or "getversign" programs or commands
> > > that they reference to extract the Server ID. I have SSLeay 0.81 and
> > > 0.90b.
> > >
> > > Verisign is no help in the matter.
> > >
> > > -----
> > > 1. VeriSign will have sent you a certificate in the mail. This will look
> > > something like the following:
> > > -----BEGIN CERTIFICATE-----
> > > JIEBSDSCEXoCHQEwLQMJSoZILvoNVQECSQAwcSETMRkOAMUTBhMuVrM
> > > mIoAnBdNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMRwwGgYDVQ
> > > QLExNQZXJzb25hIENlcnRpZmljYXRlMSQwIgYDVQQDExtPcGVuIE1hc
> > > mtldCBUZXN0IFNlcnZlciAxMTAwHhcNOTUwNzE5MjAyNzMwWhcNOTYw
> > > NTE0MjAyOTEwWjBzMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXUlNBIER
> > > hdGEgU2VjdXJpdHksIEluYy4xHDAaBgNVBAsTE1BlcnNvbmEgQ2VydG
> > > lmaWNhdGUxJDAiBgNVBAMTG09wZW4gTWFya2V0IFRlc3QgU2VydmVyI
> > > DExMDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDU/7lrgR6vkVNX40BA
> > > q1poGdSmGkD1iN3sEPfSTGxNJXY58XH3JoZ4nrF7mIfvpghNi1taYim
> > > vhbBPNqYe4yLPAgMBAAEwDQYJKoZIhvcNAQECBQADQQBqyCpws9EaAj
> > > KKAefuNP+z+8NY8khckgyHN2LLpfhv+iP8m+bF66HNDUlFz8ZrVOu3W QapgL
> > > PV90kIskNKXX3a
> > > ------END CERTIFICATE-----
> > > 1. Copy the entire certificate, including the begin certificate and end
> > > certificate lines into a text editor such as Notepad (do not use Word or
> > > another word processing program.) Make sure that the certificate appears as
> > > formatted above. In other words, make sure that the begin certificate and
> > > end certificate lines are by themselves.
> > > 2. Secure Server ID PRIVACY-ENHANCED message to a temporary file, such as
> > > /tmp/cert.tmp.
> > > 3. Run getca and specify both the name of the server that owns the ID and
> > > the name of the temporary certificate file. For example: # getca hostname <
> > > /tmp/cert.tmp
> > > 4. In some versions of SSLEAY, you should use the command getversign instead
> > > of getca
> > > 5. This saves the Secure Server ID to the file SSLTOP/certs/hostname.cert
> > > 6. Remove the temporary file. For example: # rm/tmp/cert.tmp
> > > 7. Restart the server.
> > >
> > > ----------------------
> > > Todd Acheson
> > > 740 593-0034
> > >
> > > acheson@ohiou.edu
> >
> > --
> > Adam Laurie Tel: +44 (181) 742 0755
> > A.L. Digital Ltd. Fax: +44 (181) 742 5995
> > Voysey House
> > Barley Mow Passage http://www.aldigital.co.uk
> > London W4 4GB mailto:adam@algroup.co.uk
> > UNITED KINGDOM PGP key on keyservers
>
> --
> Adam Laurie Tel: +44 (181) 742 0755
> A.L. Digital Ltd. Fax: +44 (181) 742 5995
> Voysey House
> Barley Mow Passage http://www.aldigital.co.uk
> London W4 4GB mailto:adam@algroup.co.uk
> UNITED KINGDOM PGP key on keyservers
----------------------
Todd Acheson
740 593-0034
acheson@ohiou.edu