Crear un Certificado SSL

Imagen de BitFrost

Tema: 

HOWTO: enable SSL (Secure Socket Layer) with Open Webmail (and your Web Site)
=============================================================================
by Thomas Chung (tchung AT openwebmail.org)
Last Updated: 2003-02-03

References:
RH71 Reference Guide (p167)
RH73 Customizaton Guide (p136-p140)

1) make sure you have mod_ssl and openssl installed in your redhat box

# rpm -q mod_ssl openssl (from RH73)
mod_ssl-2.8.12-2
openssl-0.9.6b-28

2) go to httpd config directory

# cd /etc/httpd/conf

3) remove the fake key and certificate that were generated during the installation with following command.

# rm ssl.key/server.key
# rm ssl.crt/server.crt

4) use following command to create your own key

# /usr/bin/openssl genrsa 1024 > /etc/httpd/conf/ssl.key/server.key

Generating RSA private key, 1024 bit long modulus
.................................++++++
..++++++
e is 65537 (0x10001)

5) use following command to make sure the permissions are set correctly on your key.

# chmod 600 /etc/httpd/conf/ssl.key/server.key

6) use following command to create a self-signed certicate

# make testcert

You will see something similar to following and you will need to answer several questions

[root@www conf]# make testcert
umask 77 ; \
/usr/bin/openssl req -new -key /etc/httpd/conf/ssl.key/server.key -x509 -days 365 -out /etc/httpd/conf/ssl.crt/server.crt
Using configuration from /usr/share/ssl/openssl.cnf
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:California
Locality Name (eg, city) []:Pasadena
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Open Webmail Project
Organizational Unit Name (eg, section) []:Thomas Chung
Common Name (eg, your name or your server's hostname) []:openwebmail.org
Email Address []:tchung@openwebmail.org
[root@www conf]#

7) Use following command to restart web server

# service httpd restart

8) Test your certicate from your browser

https:///cgi-bin/openwebmail/openwebmail.pl

9) You will see something similar to following

+----------------------------------------------------------+
| Website Certified by an Unknown Authority |
| |
| There is a problem with the certificate that identifies |
| "". Do you want to continue? |
| |
| The certificate was issued by a certificate authority |
| that Mozilla does not recognize |
| |
| [ View Certificate ] |
| |
| [ ] Remember this certificate permanently |
| |
| [ Continue ] [ Cancel ] [ Help ] |
+----------------------------------------------------------+

You can either just click on [ Continue ] button or
check on the box for "Remember..." then click on [ Continue ] button
to avoid this message in the future ( for about a year)

Comentarios

Interesante. Esto debería

Imagen de RazaMetaL

Interesante. Esto debería ir en : http://www.ecualug.org/comos 

 

--------------------------
Antes de preguntar visita: http://www.sindominio.net/ayuda/preguntas-inteligentes.html

http://www.bbspot.com/Images/News_Features/2003/

-----

Visita este [url=http://www.sindominio.net/ayuda/preguntas-inteligentes.html]link[/url] :evil:

[img]http://www.bbspot.com/Images/News_Features/2003/01/os_quiz/debian.jpg[/img]

Revisa el HowTo de Sendmail,

Imagen de BitFrost

Revisa el HowTo de Sendmail, que lo traduci ahi te dan la direccion para una guia para crear SSL para mail
"Education is what remains after one has forgotten everything he learned in school." - Albert Einstein

"Education is what remains after one has forgotten everything he learned in school." - Albert Einstein
[img]http://counter.li.org/cgi-bin/certificate.cgi/345468[/img]

Howto

Hola Bitfrost.
Gracias por la respuesta.
Dime dónde reviso el HowTo de Sendmail?

Neilo.

Imagen de BitFrost

Aqui
http://www.ecualug.org/?q=guia_de_instalacion_de_postfix_con_dovecot
"Education is what remains after one has forgotten everything he learned in school." - Albert Einstein

"Education is what remains after one has forgotten everything he learned in school." - Albert Einstein
[img]http://counter.li.org/cgi-bin/certificate.cgi/345468[/img]