Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
Stephen Adler wrote: > Guys, > > I'm using subversion with https access to the code repository and I > changed the hostname. So now when I try to use esvn, it complained that > my ssl cert was not issued by the correct host, and refused to connect to > the code repository. So I reissued the certificates by doing the > following > > > cd /etc/httpd/conf > rm ssl.crt/server.crt ssl.csr/server.csr ssl.key/server.key > make genkey > make certreq > make testcert > > but now two issues come up. First when I start httpd, it askes for the > passphase which I have to enter in by hand. I'm affraid this means that I > have to type something into the console every time I reboot the system. Your fear is well founded. There's a trick if you want a "passphrase-less" server cert (the usual warnings you'd expect about passphase-less ssh keys applies: it makes it easier for people who hack your server and steal your private key to impersonate your server): http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/sysadmin-guide/s1-secureserver-generatingkey.html > The send thing is that esvn now complians that I have an invalid > certificat... :( What's the trick? (Or rather, how does Red Hat configure > the keys and certificats so that https: works?) That page (and the subsequent ones) might answer that question. Matt -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |