[Seaside] Re: [Pharo-project] Has anyone used Zodiac and Seaside to
for https?
Sven Van Caekenberghe
sven at stfx.eu
Thu Apr 18 21:40:10 UTC 2013
On 18 Apr 2013, at 22:56, Sven Van Caekenberghe <sven at stfx.eu> wrote:
>
> On 18 Apr 2013, at 22:23, Sven Van Caekenberghe <sven at stfx.eu> wrote:
>
>> You could best test the httpsServer on its own (you need to get the certificate right).
>
> I always forget how to make the key-cert.pem
>
> This is one pointer that might help
>
> http://devsec.org/info/ssl-cert.html
>
> I believe it is the thing they call server.pem
>
> Sven
Here is how it worked for me (the ZnSecureServer part):
sven at netbook:~/ssl$ openssl genrsa -out privkey.pem 1024
Generating RSA private key, 1024 bit long modulus
..........................................................++++++
.++++++
e is 65537 (0x10001)
sven at netbook:~/ssl$ openssl req -new -key privkey.pem -out certreq.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:BE
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:Hasselt
Organization Name (eg, company) [Internet Widgits Pty Ltd]:STfx.eu
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:Sven Van Caekenberghe
Email Address []:sven at stfx.eu
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
sven at netbook:~/ssl$ ls
certreq.csr privkey.pem
sven at netbook:~/ssl$ openssl x509 -req -days 3650 -in certreq.csr -signkey privkey.pem -out newcert.pem
Signature ok
subject=/C=BE/ST=Some-State/L=Hasselt/O=STfx.eu/CN=Sven Van Caekenberghe/emailAddress=sven at stfx.eu
Getting Private key
sven at netbook:~/ssl$ ( openssl x509 -in newcert.pem; cat privkey.pem ) > server.pem
(ZnSecureServer on: 1443)
certificate: '/home/sven/ssl/server.pem';
logToTranscript;
start;
yourself.
More information about the seaside
mailing list