Changes between Version 50 and Version 51 of NewLiveServer


Ignore:
Timestamp:
11/08/10 23:47:18 (6 years ago)
Author:
chris
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • NewLiveServer

    v50 v51  
    3939 
    4040The main configuration file is /etc/apache2/apache2.conf and the virtual hosts are sym linked from /etc/apache2/sites-enabled 
     41 
     42The HTTPS !VirtualHosts have the following directives: 
     43 
     44{{{ 
     45SSLEngine on 
     46SSLCipherSuite HIGH 
     47SSLProtocol all -SSLv2 
     48SSLCertificateFile      /etc/ssl/transitionnetwork.org/transitionnetwork.org.pem 
     49SSLCertificateChainFile /etc/ssl/transitionnetwork.org/gandi.pem 
     50}}} 
     51 
     52The transitionnetwork.org.pem file contains both the certificate and the key (these are the files from gandi.net): 
     53 
     54{{{ 
     55cat transitionnetwork.org.crt > transitionnetwork.org.pem 
     56cat transitionnetwork.org.key >> transitionnetwork.org.pem 
     57}}} 
     58 
     59And the gandi.pem contains the cert and the chain of root certificates: 
     60 
     61{{{ 
     62wget http://crt.gandi.net/GandiStandardSSLCA.crt 
     63wget http://crt.usertrust.com/UTNAddTrustServer_CA.crt 
     64wget http://crt.usertrust.com/AddTrustExternalCARoot.crt 
     65openssl x509 -inform DER -in GandiStandardSSLCA.crt -out GandiStandardSSLCA.pem 
     66openssl x509 -inform DER -in AddTrustExternalCARoot.crt -out AddTrustExternalCARoot.pem 
     67openssl x509 -inform DER -in UTNAddTrustServer_CA.crt -out UTNAddTrustServer_CA.pem 
     68cat transitionnetwork.org.crt > gandi.pem 
     69cat GandiStandardSSLCA.pem >> gandi.pem 
     70cat AddTrustExternalCARoot.pem >> gandi.pem 
     71cat UTNAddTrustServer_CA.pem >> gandi.pem 
     72}}} 
    4173 
    4274== apc ==