Date: Mon, 16 Apr 2001 16:08:32 +1200 From: kit <kit@hypostasis.com> To: questions@freebsd.org Subject: OpenSSL certificate signing Message-ID: <20010416160832.A35693@amethyst.hypostasis.com>
next in thread | raw e-mail | index | archive | help
Hi I was looking for the CA.pl et al. to sign a certificate for internal use. In the process I discovered that also the man pages were selective in their install - OK that seems to be controlled by #WANT_OPENSSL_MANPAGES= true which points out that it overwrites some system manpages. OK Next step try the modssl port (A sneaky feeling that the openssl one was not a goer) as the mod ssl page keeps coming up as the resource on certificate signing. But I need to do it as a part of the apache+modssl port - maybe later I try a make extract on the openssl port - forbidden openssl already installed. Ok Ok I guessed that already :) poking around in /usr/src/crypto seems to indicate that all the bits are there, but just not installed. Hmm. Nothing in /etc/defaults/make.conf seems relevant. This seems to indicate that I'm probably taking the wrong approach especially when I note the dates in CA.sh Apr-96. I'm 95 years too early. So what is the best way to sign the certificates? Is it that the commandline tool is it in its bare bones? Or that there is another tool hidden somewhere (probably in plain sight) Or is the FreeBSD openssl config more suitable to signing than the bare original? I guess the next step is a make extract on apache+modssl to have a look at sign.sh. Any pointers or references to current documnetation would be greatly appreciated, --kit To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010416160832.A35693>