[Snort-users] certificate verify error

Jill Tovey jill.tovey at ...8678...
Wed Apr 9 03:18:16 EDT 2003


On Tue, 2003-04-08 at 19:56, Erick Mechler wrote:
> :: curl -k https://jj.mandrake/snortcenter/sensor.php?
> :: 
> :: It seems to work (i.e doesn't return any errors)


I think I am just going to start again with these certificates and
create some more...

So, If I can just verify what I need to do:

/usr/bin/openssl genrsa -out ssl.key 1024

to generate a private key, and then:

/usr/bin/openssl req -new -x509 -days 365 -key ssl.key -out ssl.cert

to generate a certificate using the key.

and then where is the best place to put ssl.key and ssl.cert?
(my apache httpd.conf is in /etc/httpd/conf/)
Do I also need to generate another file from these two for the
SSLCACertificateFile ? 

And then when I add the pointers to certificates etc to httpd.conf like
this:

<VirtualHost https://jt.mandrake:443>        
	SSLEngine on
        SSLVerifyClient 2
        SSLVerifyDepth 10
        SSLCertificateFile /etc/httpd/conf/ssl.cert
        SSLCertificateKeyFile /etc/httpd/conf/ssl.key
        SSLVerifyClient require
        SSLCACertificateFile /etc/httpd/conf/ssl.cert
</VirtualHost>

I get an error on the line that is 
<VirtualHost https://jt.mandrake:443>

saying ":port must be numeric"

well it is numeric isn't it ?!

any help would be much appreciated.









More information about the Snort-users mailing list