ssl

Self-Signed SSL Certificates

Posted in

A self-signed certificate is an identity certificate that is signed by its own creator, rather than paying a certified third-party to sign it.

Instructions adapted from http://www.tc.umn.edu/~brams006/selfsign.html.

Rather than paying for an SSL certificate from a signing authority, we'll use a self-signed certificate to provide encryption in Apache. The client's web browser will prompt them to whether the certificate should be accepted or not - if that is going to be a problem, then you'll need to get a certificate from a recognized signing authority.

Create a directory, readable only by root to hold our working files:

mkdir ~/cert
chmod 600 ~/cert
cd ~/cert

Wildcard Certficates

Posted in

apache
ssl

SSL certificates that cover multiple hostnames in the same domain.

http://www.onlamp.com/pub/a/apache/2005/02/17/apacheckbk.html
http://www.cb1inc.com/2008/09/11/virtual-hosts-and-wildcard-ssl-certificates-with-apache-2.2
http://wiki.cacert.org/wiki/VhostTaskForce

SSL Logins for Drupal

Posted in

drupal
ssl

Guide to having Drupal login's protected by SSL.

Visit SSL Logins for Drupal

SSL with Lighttpd

Posted in

lighttpd
ssl

Use SSL encryption on your Lighttpd webserver.

Lighttpd installation
Lighttpd needs to be configured and compiled with SSL enabled:

./configure --with-openssl
make
make install

After lighty has been installed, you can confirm that it has been compiled with ssl enabled:

lighttpd -v

SSL Configuration

mkdir /root/lighttpdssl
openssl req -new -x509 -keyout lighttpd.pem -out lighttpd.pem -days 365 -nodes
chown nobody:nobody lighttpd.pem
chmod 600 lighttpd.pem

Edit /service/lighttpd/root/lighttpd.conf and add:

Secure Drupal login

Posted in

drupal
ssl

Make Drupal encrypt your login with SSL.

http://drupal.org/node/53567

Port 465

Posted in

smtp
ssl

An SSL-encrypted SMTP service so your users can send mail through your server without passing clear-text passwords across the network.

Set up the service directory, download John Simpson's SMTP run script, and set it's permissions:

cd /var/service
mkdir -m 1755 smtp-ssl
cd smtp-ssl
wget http://qmail.jms1.net/scripts/service-qmail-smtpd-run 
mv service-qmail-smtpd-run run
chmod 700 run

Edit /var/service/smtp-ssl/run and set the appropriate options:



IP=

PORT=465

SSL=1

SSL Encryption

Posted in

apache
ssl

Secure communication with your web server by using self-signed SSL certificates.

The typical method of enabling SSL encryption in Apache is to use mod_ssl. A downside of that approach is that SSL does not work with name-based Virtual Hosts (Why can't I use SSL with name-based/non-IP-based virtual hosts?).

Navigation

User login

Recent Updates

Performance

1 week 4 days ago
nginx

2 weeks 10 hours ago
Realtime Blackhole Lists

2 weeks 4 days ago
Queue Utilities

2 weeks 6 days ago
Authentication

3 weeks 5 days ago