Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Security Software Apache

Apache Auth and Self-signed Cert Tutorials with FreeBSD 6

Posted by timothy from the your-very-own-comp-list dept.
nullroute writes: " BSDVault has posted a solid tutorial on using Self-signed Certificates with Apache. It is actually a combination of two tutorials. The first tutorial is Basic Authentication for Apache. The second is Self-signed X.509 Certificate Generation (OpenSSL)."
This discussion has been archived. No new comments can be posted.

Apache Auth and Self-signed Cert Tutorials with FreeBSD More

Apache Auth and Self-signed Cert Tutorials with FreeBSD

Comments Filter:

  • "Solid" might be an overstatement (Score:5, Informative)

    by dsoltesz ( 563978 ) <deborah.soltesz@gmail.com> on Sunday April 14, 2002 @06:01PM (#3340327) Homepage Journal
    The "Self-signed X.509 Certificate Generation" might be nifty. I've not tried such a thing, so I really can't comment, but if I need something like this, this tutorial will be the place I start.

    On the other hand, the "Basic Authentication for Apache" really only glances over the whole basic authentication idea... the instructions given are a good place to start, but a little more reading is recommended for folks who want to do this. There are a million and one pages out there very similar to this one -- I would have liked to have seen a more comprehensive tutorial.

    1. The tutorial makes an assumption about where apache is installed. Many administrators do not put it in the default place, instead opting to put all the web tools and files in a central location to make things easier for the web master.
    2. All the stuff in the .htaccess file can be put in the httpd.conf file, and probably should. .htaccess is a method for allowing web users to do their own sub-site configuration without bugging the webmaster. The webmaster should allow users to do this only if she wants to allow it, and should do her own access constraints and other configuration in the httpd.conf file.
    3. A discussion about preventing surfers from being able to read the .htaccess files that live in the htdocs tree would be a good addition to the tutorial.

    That's my $.02

  • If you type
    $ man 8 ssl
    you get a basic introduction into this.
  • Also be sure to checkout the FreeBSD Diary [ http://freebsddiary.org/ [freebsddiary.org] ] for some great tutorials.

    They range from SSL protecting your services [ http://freebsddiary.org/stunnel.php [freebsddiary.org] ] to how to restart a service [ http://freebsddiary.org/hup.php [freebsddiary.org] ] for the real newbie.
  • This is a pet peeve of mine of late. I tried to wade through this stuff to do secure IMAP, and it was a royal pain - so much so that I gave up.

    This stuff ought to just work.

    Disagree with me? Security should be hard?

    All the sshd distys I've used have simply installed and run. It CAN be that easy.

Slashdot Top Deals

An authority is a person who can tell you more about something than you really care to know.

Close