From owner-freebsd-questions Tue Aug 17 12:46:29 1999 Delivered-To: freebsd-questions@freebsd.org Received: from nisser.com (n2000039.telekabel.chello.nl [212.187.0.39]) by hub.freebsd.org (Postfix) with ESMTP id 60DD114EA8 for ; Tue, 17 Aug 1999 12:46:26 -0700 (PDT) (envelope-from roelof@nisser.com) Received: from nisser.com (roelof [10.0.0.2]) by nisser.com (8.9.2/8.9.2) with ESMTP id VAA09347; Tue, 17 Aug 1999 21:44:57 +0200 (CEST) (envelope-from roelof@nisser.com) Message-ID: <37B9BBA6.AC80624F@nisser.com> Date: Tue, 17 Aug 1999 21:44:38 +0200 From: Roelof Osinga Organization: eboa - engineering buro Office Automation X-Mailer: Mozilla 4.6 [en] (WinNT; I) X-Accept-Language: en MIME-Version: 1.0 To: big-sky@altavista.net Cc: Freebsd-Questions Subject: Re: Certificate Howto References: <000001bee8c8$41f17900$0201010a@cmr.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Mark Einreinhof wrote: > > Is there a Howto/FAQ that explains "make certificate type=*" ? I just want > to create a cert that contains my info so I know when I pointed my browser > to my server to go secure, I got my server and no longer get the SnakeOil > cert. I don't need all the fancy Verisign, etc. stuff. The SSLeay docs describe how to do that. Can't easily tell you since it's been over a year since I did it. But it wasn't that hard. Basically you first generate a CA certificate and then use that to certify your own certificate. Most browser will allow you to add such a self signed certificate. Roelof PS also noticed that the O'Reilly apache book has a chapter about SSL including making certificates. But I just bought it and haven't had time to do more than browse it. -- Home is where the (@) http://eboa.com/ is. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message