Cover V05, I10
Article
Figure 1
Figure 2
Figure 3
Figure 4
Figure 5
Figure 6
Figure 7
Sidebar 1

oct96.tar

Figure 5: Sample httpsd configuration

# Set the CA certificate verification path (must be PEM encoded).
# (in addition to getenv("SSL_CERT_DIR"), I think).
SSLCACertificatePath /usr/local/ssl/demoCA

# Set the CA certificate verification file (must be PEM encoded).
# (in addition to getenv("SSL_CERT_FILE"), I think).
SSLCACertificateFile /usr/local/ssl/demoCA/CAcert.pem

# Point SSLCertificateFile at a PEM encoded certificate.
# If the certificate is encrypted, then you will be prompted for a
# pass phrase.
# Note that a kill -1 will prompt again.
# A test certificate can be generated with "make certificate".
SSLCertificateFile /usr/local/ssl/demoCA/CAcert.pem

# Set SSLVerifyClient to:
# 0 if no certicate is required
# 1 if the client may present a valid certificate
# 2 if the client must present a valid certificate
SSLVerifyClient 0
# How deeply to verify before deciding they don't have a valid
# certificate
SSLVerifyDepth 10

# A home for miscellaneous rubbish generated by SSL. Much of it is
# duplicated in the error log file.
SSLLogFile /tmp/ssl.log


 

© 2002 CMP Media LLC. All Rights Reserved.
www.sysadminmag.com