Article delegate-en/755 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A752@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: SSLway, keys and Netscape
05 Apr 2000 19:40:11 GMT Wes Brown <p6mbabdyi-ctnqxdqaqc3r.ml@ml.delegate.org>


On Mon, Apr 03, 2000 at 08:52:48AM +0000, Kai Dupke wrote:
> (also mailed)
> Hi,
> 
> as I tried delegate as https-2-http-proxy I compiled sslway.
> 
> But how to get the requested keys? 
> 
> As I read the docs of delegate and ssleay and tried the keys generated
> by mkcert.sh my netscape claimed not to be able to get a working
> configuration. Are the keys to long?
> 
> Greetings kai

Their are a number of ways to build test or production keys.  The two that I
use are the self signed keys and keys using a self-authoritative CA that I
control.

The easiest way to make a self-signed key is to run the following commands:
	openssl genrsa -out server.key 1024
	openssl req -new -x509 -days 365 -key server.key -out server.crt
	cat server.key > ServerCERT.pem
	echo "" >> ServerCERT.pem
	cat server.crt >> ServerCERT.pem

You may need to remove the password from the server.key if you do not want
to provide it every time the server starts.  That command is as follows:
	openssl rsa -in server.key -out server.key.unsecure

You would cat server.key.unsecure into the PEM file instead of the
server.key.

Netscape will only work with keys that are 1024.  If you are still using
SSLeay, then the commands are mostly the same.  You may need to find
someone able to translate these into the older command format.

Good luck.

Care to share what you ran to get things working?

Wes
--- 
Wes Brown
ewb4@cwru..		p6mbabdyi-ctnqxdqaqc3r.ml@ml.delegate.org
http://prozac.cwru.edu/wes/About.me.html
KB8TGR

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V