Changes between Version 3 and Version 4 of ParrotServer


Ignore:
Timestamp:
05/02/13 09:52:25 (4 years ago)
Author:
chris
Comment:

SSL documentation added

Legend:

Unmodified
Added
Removed
Modified

  • ParrotServer

    v3 v4  
    3939See WordPress. 
    4040 
    41 == SSL Cert == 
     41== SSL Certs == 
    4242 
    43 To save money a certificate from http://cacert.org/ has been generated and installed using the [csr script http://wiki.cacert.org/CSRGenerator]: 
     43The server has a copy of the *.transitionnetwork.org wild card certificate installed and this is used for https://parrot.transitionnetwork.org/  
    4444 
    45 {{{ 
    46  csr 
    47 Private Key and Certificate Signing Request Generator 
    48 This script was designed to suit the request format needed by 
    49 the CAcert Certificate Authority. www.CAcert.org 
     45The server also has a dedicated IP address for the https://intransitionmovie.com/ site and SSL certificate. 
    5046 
    51 Short Hostname (ie. imap big_srv www2): parrot 
    52 FQDN/CommonName (ie. www.example.com) : parrot.webarch.net 
    53 Type SubjectAltNames for the certificate, one per line. Enter a blank line to finish 
    54 SubjectAltName: DNS:parrot.webarch.net 
    55 SubjectAltName: DNS:*.parrot.webarch.net 
    56 SubjectAltName: DNS:parrot.transitionnetwork.org 
    57 SubjectAltName: DNS:*.parrot.transitionnetwork.org 
    58 SubjectAltName: DNS:reconomy.org 
    59 SubjectAltName: DNS:www.reconomy.org 
    60 SubjectAltName: DNS:reconomyproject.org 
    61 SubjectAltName: DNS:www.reconomyproject.org 
    62 SubjectAltName: DNS:intransitionmovie.com 
    63 SubjectAltName: DNS:www.intransitionmovie.com 
    64 SubjectAltName: DNS:intransitionmovie.org 
    65 SubjectAltName: DNS:www.intransitionmovie.org 
    66 SubjectAltName: DNS:transitionmovie.org 
    67 SubjectAltName: DNS:www.transitionmovie.org 
    68 SubjectAltName: DNS:earthinheritors.net 
    69 SubjectAltName: DNS:www.earthinheritors.net 
    70 SubjectAltName: DNS: 
    71 }}} 
     47All the other sites use a free http://cacert.org/ certificate, see ticket:540#comment:1 for a list of domains. To get rid of the security warnings that you will get if you don't have the CAcert root installed you need to install the root cert from http://www.cacert.org/index.php?id=3 to do this using Windows simply click http://www.cacert.org/certs/CAcert_Root_Certificates.msi and for Firefox and Chrome click https://www.cacert.org/certs/root.crt