Entries getagged as a SSL

mod_gnutls before the wall driven

of written & stored under administration, Hosting, Internet, IT, Linux, website.

Since some time (several months already) I place because of SNI (server name Indication) on mod_gnutls instead of mod_ssl, so that I can use several SSL VHosts on an IP. Now yesterday has choked, however, mod_gnutls in his Cache under/var/cache/apache2/gnutls_cache what had some disagreeable results. Massive logging of "PANIC: fatal region error detected; run recovery" in [...] Massives Loggen von “PANIC: fatal region error detected; run recovery” in [...]

mod_ssl substitutes by mod_gnutls with the Apache2

of written & stored under administration, Linux, Windows.

In addition on Debian Lenny instal merely the package "libapache2 mod gnutls": aptitude instal libapache2 mod gnutls a2enmod gnutls a2dismod ssl/etc/apache2/ports.conf edit: <IfModule mod_gnutls.c> lists 443 </IfModule> intercertificates / Intermediate certificates simply to the SSL certificate suspend:  # cat www.commander1024.de.crt sub.class1.server.ca.pem> www.commander1024.de.pem SSL-Vhosts circumscribe: #   SSLCertificateFile   /etc/apache2/ssl/www.commander1024.de.crt #   SSLCertificateKeyFile [...] <IfModule mod_gnutls.c> Listen 443 </IfModule> Zwischenzertifikat / Intermediate Zertifikate einfach an das SSL-Zertifikat anhängen:   # cat www.commander1024.de.crt sub.class1.server.ca.pem > www.commander1024.de.pem SSL-Vhosts umschreiben: #    SSLCertificateFile    /etc/apache2/ssl/www.commander1024.de.crt #    SSLCertificateKeyFile  [...]

OpenSSL Cheat Sheet

of written & stored under administration, Hosting, IT, Linux, website, Windows.

Some OpenSSL orders which make easier the contact with valid and selfcertificated Zerfikaten terrifically. May be also used with pleasure as a reference ;-) A SSL key generate. The number at the end gives the key strength: openssl genrsa out MYDOMAIN.COM.key 2048 construction of a Certificate Signing Request (CSR). This can be submitted to the production of the certificate to a (valid) Reseller: openssl [...] Die Zahl am Ende gibt die Schlüsselstärke an: openssl genrsa -out MYDOMAIN.COM.key 2048 Erstellen eines Certificate Signing Request (CSR). Dieser kann zur Erzeugung des Zertifikats bei einem (validen) Reseller eingereicht werden: openssl [...]