Hello Mat, I my previous step-by-step procedure I forgot to include a small part that I found out later; it should be appended... At 2000-04-04 17:58, I wrote:
Hello Mat, ... I posted this step-by-step procedure a while ago:
---cut--- o Configuring SSL - properly and create your own Certificate Authority (CA) ... You might want to keep the ca and server keys and certs on a floppy and store them in a secure place. ---cut---
Please append this, if you don't want to type in the server key passphrase with every reboot (there is a security issue): ---append--- You might want to keep the ca and server keys and certs on a floppy and store them in a secure place. During a machine reboot, you will be asked for the server key pass-phrase. There is a short time-out, and usually the server therefore won't start. The solution is to remove the encryption from the server key. See question "How can I get rid of the pass-phrase dialog at Apache startup time?" in the mod_ssl faq for more on the security aspects. Here's what you do: # cd /etc/httpd/ssl.key # cp -p server.key server.key.orig # openssl rsa -in server.key.orig -out server.key # chmod 0400 server.key server.key.orig # chown root server.key server.key.orig ---append--- Good luck, Eric -- Eric Maryniak <e.maryniak@pobox.com> Home page: http://pobox.com/~e.maryniak/ University of Amsterdam, Department of Psychology. Tel/Fax: +31 20 5256853/6391656. Internet: http://www.neuromod.org/ The best way to accelerate Windows is at 9.8 m/s^2. -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/