Исходное сообщение
"Быстрое поднятие SSL для Apache под FreeBSD (freebsd apache ssl security crypt)" Отправлено asv2001, 17-Дек-05 17:26
Может кому поможет. Как и все тут я не сразу настроил апач. Чел видимо у кого то неправильно передрал статью и куча букв повылетало. Я тут почитал как под виндой настраивать (http://tud.at/programm/apache-ssl-win32-howto.php3) и слепил все воедино. Вот что вышло. У меня работает. <--! /install/soft/openssl/ssl/openssl.cnf --> [ CA_default ] dir             = /install/soft/httpd/conf/ssl  # Where everything is kept certs           = $dir/ssl.crt          # Where the issued certs are kept crl_dir         = $dir/ssl.crl          # Where the issued crl are kept database        = $dir/index.txt        # database index file. #unique_subject = no                    # Set to 'no' to allow creation of                                         # several ctificates with same subject. new_certs_dir   = $dir/ssl.crt          # default place for new certs. certificate     = $dir/nemesida-ca.pem  # The CA certificate serial          = $dir/serial           # The current serial number #crlnumber      = $dir/crlnumber                # the current crl number must be                                                 # commented out to leave a V1 CR L crl             = $dir/ssl.crl/nemesida.crl     # The current CRL private_key     = $dir/nemesida-ca.key  # The private key RANDFILE        = $dir/ssl.key/.rand    # private random number file x509_extensions = usr_cert              # The extentions to add to the cert <--! /install/soft/openssl/ssl/openssl.cnf --> mkdir /install/soft/httpd/conf/ssl cd /install/soft/httpd/conf/ssl mkdir ssl.crl mkdir ssl.crt mkdir ssl.csr mkdir ssl.key openssl req -config /install/soft/openssl/ssl/openssl.cnf -new -x509 -keyout ssl.key/nemesida-ca.pem -out nemesida-ca.pem -days 3650 openssl rsa -in ssl.key/nemesida-ca.pem -out nemesida-ca.key openssl x509 -in nemesida-ca.pem -out nemesida-ca.crt touch index.txt echo '01' > serial openssl req -config /install/soft/openssl/ssl/openssl.cnf -new -keyout ssl.key/https.asv.kr.ua.pem -out ssl.csr/https.asv.kr.ua.pem openssl rsa -in ssl.key/https.asv.kr.ua.pem -out https.asv.kr.ua.key openssl ca -config /install/soft/openssl/ssl/openssl.cnf -policy policy_anything -out ssl.crt/https.asv.kr.ua.pem -infiles ssl.csr/https.asv.kr.ua.pem openssl x509 -in ssl.crt/https.asv.kr.ua.pem -out ssl.crt/https.asv.kr.ua.crt openssl ca -gencrl -out ssl.crl/https.asv.kr.ua.pem <--! /install/soft/httpd/conf/ssl.conf --> <IfDefine SSL> SSLRandomSeed startup builtin SSLRandomSeed connect builtin Listen 443 AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl    .crl SSLPassPhraseDialog  builtin SSLSessionCache         dbm:/install/soft/httpd/logs/ssl_scache SSLSessionCacheTimeout  300 SSLMutex  file:/install/soft/httpd/logs/ssl_mutex <VirtualHost _default_:443>     DocumentRoot "/install/servers/www/htdocs/ssl"     ServerName https.asv.kr.ua:443     ServerAdmin asv2001@gmail.com     ErrorLog /install/soft/httpd/logs/error_log     TransferLog /install/soft/httpd/logs/access_log     SSLEngine on     SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL     SSLCertificateFile /install/soft/httpd/conf/ssl/ssl.crt/https.asv.kr.ua.crt     SSLCertificateKeyFile /install/soft/httpd/conf/ssl/https.asv.kr.ua.key     SSLCACertificateFile /install/soft/httpd/conf/ssl/nemesida-ca.crt     SSLCARevocationFile /install/soft/httpd/conf/ssl/ssl.crl/https.asv.kr.ua.pem     <FilesMatch "\.(cgi|shtml|phtml|php|php3?)$">         SSLOptions +StdEnvVars     </FilesMatch>     <Directory "/install/servers/www/cgi-bin">         SSLOptions +StdEnvVars     </Directory>     SetEnvIf User-Agent ".*MSIE.*" \              nokeepalive ssl-unclean-shutdown \              downgrade-1.0 force-response-1.0     CustomLog /install/soft/httpd/logs/ssl_request_log \               "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"     </VirtualHost> </IfDefine> <--! /install/soft/httpd/conf/ssl.conf --> и наконец ./apachectl startssl

Ваше сообщение
Имя*:
EMail:	Для отправки ответов на email укажите знак ! перед адресом, например, !user@host.ru (!! - не показывать email). Более тонкая настройка отправки ответов производится в профиле зарегистрированного участника форума.
Заголовок*:
Сообщение*:	> Может кому поможет. Как и все тут я не сразу настроил апач. > Чел видимо у кого то неправильно передрал статью и куча букв > повылетало. Я тут почитал как под виндой настраивать (http://tud.at/programm/apache-ssl-win32-howto.php3) > и слепил все воедино. Вот что вышло. У меня работает. > <--! /install/soft/openssl/ssl/openssl.cnf --> > [ CA_default ] > dir > = /install/soft/httpd/conf/ssl # Where everything is kept > certs = > $dir/ssl.crt # > Where the issued certs are kept > crl_dir = $dir/ssl.crl > # Where the > issued crl are kept > database = $dir/index.txt > # database index file. > #unique_subject = no > # > Set to 'no' to allow creation of > > > > # several ctificates with same > subject. > new_certs_dir = $dir/ssl.crt > # default place for new certs. > certificate = $dir/nemesida-ca.pem # The CA certificate > serial = $dir/serial > # > The current serial number > #crlnumber = $dir/crlnumber > > # the current crl number must be > > > > > # commented out to leave a V1 CR > L > crl > = $dir/ssl.crl/nemesida.crl # The current CRL > private_key = $dir/nemesida-ca.key # The private key > RANDFILE = $dir/ssl.key/.rand > # private random number file > x509_extensions = usr_cert > # The extentions to add to the > cert > <--! /install/soft/openssl/ssl/openssl.cnf --> > mkdir /install/soft/httpd/conf/ssl > cd /install/soft/httpd/conf/ssl > mkdir ssl.crl > mkdir ssl.crt > mkdir ssl.csr > mkdir ssl.key > openssl req -config /install/soft/openssl/ssl/openssl.cnf -new -x509 -keyout ssl.key/nemesida-ca.pem > -out nemesida-ca.pem -days 3650 > openssl rsa -in ssl.key/nemesida-ca.pem -out nemesida-ca.key > openssl x509 -in nemesida-ca.pem -out nemesida-ca.crt > touch index.txt > echo '01' > serial > openssl req -config /install/soft/openssl/ssl/openssl.cnf -new -keyout ssl.key/https.asv.kr.ua.pem > -out ssl.csr/https.asv.kr.ua.pem > openssl rsa -in ssl.key/https.asv.kr.ua.pem -out https.asv.kr.ua.key > openssl ca -config /install/soft/openssl/ssl/openssl.cnf -policy policy_anything -out > ssl.crt/https.asv.kr.ua.pem -infiles ssl.csr/https.asv.kr.ua.pem > openssl x509 -in ssl.crt/https.asv.kr.ua.pem -out ssl.crt/https.asv.kr.ua.crt > openssl ca -gencrl -out ssl.crl/https.asv.kr.ua.pem > <--! /install/soft/httpd/conf/ssl.conf --> > <IfDefine SSL> > SSLRandomSeed startup builtin > SSLRandomSeed connect builtin > Listen 443 > AddType application/x-x509-ca-cert .crt > AddType application/x-pkcs7-crl .crl > SSLPassPhraseDialog builtin > SSLSessionCache dbm:/install/soft/httpd/logs/ssl_scache > SSLSessionCacheTimeout 300 > SSLMutex file:/install/soft/httpd/logs/ssl_mutex > <VirtualHost _default_:443> > DocumentRoot "/install/servers/www/htdocs/ssl" > ServerName https.asv.kr.ua:443 > ServerAdmin asv2001@gmail.com > ErrorLog /install/soft/httpd/logs/error_log > TransferLog /install/soft/httpd/logs/access_log > SSLEngine on > SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL > SSLCertificateFile /install/soft/httpd/conf/ssl/ssl.crt/https.asv.kr.ua.crt > SSLCertificateKeyFile /install/soft/httpd/conf/ssl/https.asv.kr.ua.key > SSLCACertificateFile /install/soft/httpd/conf/ssl/nemesida-ca.crt > SSLCARevocationFile /install/soft/httpd/conf/ssl/ssl.crl/https.asv.kr.ua.pem > <FilesMatch "\.(cgi|shtml|phtml|php|php3?)$"> > SSLOptions +StdEnvVars > </FilesMatch> > <Directory "/install/servers/www/cgi-bin"> > SSLOptions +StdEnvVars > </Directory> > SetEnvIf User-Agent ".*MSIE.*" \ > nokeepalive ssl-unclean-shutdown > \ > downgrade-1.0 force-response-1.0 > CustomLog /install/soft/httpd/logs/ssl_request_log \ > "%t > %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" > </VirtualHost> > </IfDefine> > <--! /install/soft/httpd/conf/ssl.conf --> > и наконец ./apachectl startssl
	Введите код, изображенный на картинке: