Electronic Books

The cracker will not be able to make use of it. Without such protection,
a cracker could get your private key and easily masquerade as you, appearing to be legitimate
in all cases.
If you just cannot stand having to enter a password every time your Web server starts, and are
willing to accept the increased risk, you can remove the password encryption on your private key.
Simply do the following:
# cd /etc/httpd/conf/ssl.key
# /usr/bin/openssl rsa -in server.key -out server.key
Troubleshooting Your Certificates
The following tips should help if you are having problems with your SSL certificate:
 Only one SSL certificate per IP address is allowed. If you want to add more than one
SSL-enabled Web site to your server, you must bind another IP address to the network
interface.
 Make sure the permission mask on the /etc/httpd/conf/ssl.* directories and their
contents is 700 (rwx------).
 Make sure you aren??™t blocking port 443 on your Web server. All https requests come in
on port 443. If you are blocking it, you will not be able to get secure pages.
 The certificate lasts for one year only. When that year is up, you have to renew your certificate
with your certificate authority. Each certificate authority has a different procedure
for doing this; check the authority??™s Web site for more details.


Pages:
502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526