apache + ssl + php (更新版)

| | Comments (0)

apache_1.3.29.tar.gz from http://httpd.apache.org/
openssl-0.9.7c.tar.gz from http://www.openssl.org/
php-4.3.3.tar.gz from http://www.php.net/
mod_ssl-2.8.16-1.3.29.tar.gz from http://www.modssl.org/

cd openssl-0.9.7c
./config -fPIC
make install

cd ../mod_ssl-2.8.16-1.3.29
./configure --with-apache=../apache_1.3.29 --with-ssl=../openssl-0.9.7c --prefix=/usr/local/apache

cd ../apache_1.3.29
./configure --prefix=/usr/local/apache --sysconfdir=/usr/local/apache/conf --enable-module=so \
--enable-shared=ssl --enable-module=ssl --enable-module=rewrite --enable-shared=rewrite
make certificate

STEP 0: Decide the signature algorithm used for certificate
The generated X.509 CA certificate can contain either
RSA or DSA based ingredients. Select the one you want to use.
Signature Algorithm ((R)SA or (D)SA) [R]:D (選 DSA)

WARNING! You're generating a DSA based certificate/key pair.
This implies that RSA based ciphers won't be available later,
which for your web server currently still means that mostly all
popular web browsers cannot connect to it. At least not until
you also generate an additional RSA based certificate/key pair
and configure them in parallel.

STEP 1: Generating DSA private key (1024 bit) [server.key]
Generating DSA private key via SnakeOil CA DSA parameters
109338882 semi-random bytes loaded
Generating DSA key, 1024 bits

STEP 2: Generating X.509 certificate signing request [server.csr]
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.

Leave a comment

March 2009

Sun Mon Tue Wed Thu Fri Sat
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31        

About this Entry

This page contains a single entry by Pank published on November 3, 2003 9:19 AM.

Postfix 的 MX relay was the previous entry in this blog.

postfix clean mail queue is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.