[Seaside] Re: [Pharo-project] Has anyone used Zodiac and Seaside to for https?

Sven Van Caekenberghe sven at stfx.eu
Thu Apr 18 21:40:10 UTC 2013 

On 18 Apr 2013, at 22:56, Sven Van Caekenberghe <sven at stfx.eu> wrote:

> 
> On 18 Apr 2013, at 22:23, Sven Van Caekenberghe <sven at stfx.eu> wrote:
> 
>> You could best test the httpsServer on its own (you need to get the certificate right).
> 
> I always forget how to make the key-cert.pem
> 
> This is one pointer that might help
> 
> http://devsec.org/info/ssl-cert.html
> 
> I believe it is the thing they call server.pem
> 
> Sven

Here is how it worked for me (the ZnSecureServer part):

sven at netbook:~/ssl$ openssl genrsa -out privkey.pem 1024
Generating RSA private key, 1024 bit long modulus
..........................................................++++++
.++++++
e is 65537 (0x10001)
sven at netbook:~/ssl$ openssl req -new -key privkey.pem -out certreq.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:BE
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:Hasselt
Organization Name (eg, company) [Internet Widgits Pty Ltd]:STfx.eu
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:Sven Van Caekenberghe
Email Address []:sven at stfx.eu

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
sven at netbook:~/ssl$ ls
certreq.csr  privkey.pem
sven at netbook:~/ssl$ openssl x509 -req -days 3650 -in certreq.csr -signkey privkey.pem -out newcert.pem
Signature ok
subject=/C=BE/ST=Some-State/L=Hasselt/O=STfx.eu/CN=Sven Van Caekenberghe/emailAddress=sven at stfx.eu
Getting Private key
sven at netbook:~/ssl$ ( openssl x509 -in newcert.pem; cat privkey.pem ) > server.pem



(ZnSecureServer on: 1443)
	certificate: '/home/sven/ssl/server.pem';
	logToTranscript;
	start;
	yourself.

More information about the seaside mailing list