Changes between Version 97 and Version 98 of NewLiveServer
- Timestamp:
- 04/30/12 13:14:45 (5 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
NewLiveServer
v97 v98 99 99 === HTTPS === 100 100 101 The HTTPS !VirtualHosts have the following directives :101 The HTTPS !VirtualHosts have the following directives (see ticket:409): 102 102 103 103 {{{ 104 104 SSLEngine on 105 SSLCipherSuite HIGH106 105 SSLProtocol all -SSLv2 106 SSLHonorCipherOrder On 107 SSLCipherSuite RC4-SHA:HIGH:!ADH:!SSLv2:!aNULL 107 108 SSLCertificateFile /etc/ssl/transitionnetwork.org/transitionnetwork.org.pem 108 109 SSLCertificateChainFile /etc/ssl/transitionnetwork.org/gandi.pem … … 116 117 }}} 117 118 118 And the gandi.pem contains the cert and the chain of root certificates: 119 120 {{{ 121 wget http://crt.gandi.net/GandiStandardSSLCA.crt 122 wget http://crt.usertrust.com/UTNAddTrustServer_CA.crt 123 wget http://crt.usertrust.com/AddTrustExternalCARoot.crt 119 And the gandi.pem contains the the chain of root certificates: 120 121 {{{ 122 wget http://crt.gandi.net/GandiStandardSSLCA.crt -O GandiStandardSSLCA.crt 123 wget http://crt.usertrust.com/UTNAddTrustServer_CA.crt -O UTNAddTrustServer_CA.crt 124 wget http://crt.usertrust.com/AddTrustExternalCARoot.crt -O AddTrustExternalCARoot.crt 125 124 126 openssl x509 -inform DER -in GandiStandardSSLCA.crt -out GandiStandardSSLCA.pem 125 127 openssl x509 -inform DER -in AddTrustExternalCARoot.crt -out AddTrustExternalCARoot.pem 126 128 openssl x509 -inform DER -in UTNAddTrustServer_CA.crt -out UTNAddTrustServer_CA.pem 127 cat transitionnetwork.org.crt > gandi.pem 128 cat GandiStandardSSLCA.pem >> gandi.pem 129 130 cat GandiStandardSSLCA.pem > gandi.pem 131 cat UTNAddTrustServer_CA.pem >> gandi.pem 129 132 cat AddTrustExternalCARoot.pem >> gandi.pem 130 cat UTNAddTrustServer_CA.pem >> gandi.pem131 133 }}} 132 134
