Electronic Books

If you run a Web site that has a very limited
set of customers, such as an Application Service Provider, you can simply inform your
users that you have no certificate signer. They can browse the certificate information and
validate it with you over the phone or in person.
 Testing. It makes no sense to pay for an SSL certificate if you are only testing a new Web
site or Web-based application. Use a self-signed certificate until you are ready to go live.
Creating a Certificate Service Request
To create a third-party validated SSL certificate from a Fedora Linux system, you must first start
with a Certificate Service Request (CSR). To create a CSR, do the following on your Web server:
# cd /etc/httpd/conf
# make certreq
umask 77 ; \
/usr/bin/openssl genrsa -des3 1024 > /etc/httpd/conf/ssl.key/server.key
.
.
.
You will now be asked to enter a password to secure your private key. This password should be at
least eight characters long, and should not be a dictionary word or contain numbers or punctuation.
The characters you type will not appear on the screen, to prevent someone from shoulder
surfing your password.
Enter pass phrase:
Enter the password again to verify.
Verifying - Enter pass phrase:
The certificate generation process now begins.


Pages:
496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520