Novell LINUX ENTERPRISE SERVER 10 SP2 - INSTALLATION AND ADMINISTRATION Installation Manual page 795
Hide thumbs
Also See for LINUX ENTERPRISE SERVER 10 SP2 - INSTALLATION AND ADMINISTRATION:
- Manual (184 pages) ,
- Supplementary manual (50 pages) ,
- Quick manual (12 pages)
Table of Contents
Advertisement
Encrypting the server key with a password requires you to enter this password
every time you start the Web server. This makes it difficult to automatically start
the server on boot or to restart the Web server. Therefore, it is common sense to
say N to this question. Keep in mind that your key is unprotected when not en-
crypted with a password and make sure that only authorized persons have access
to the key.
IMPORTANT: Encrypting the Server Key
If you choose to encrypt the server key with a password, increase the
value for APACHE_TIMEOUT in /etc/sysconfig/apache2. Otherwise
you do not have enough time to enter the passphrase before the attempt
to start the server is stopped unsuccessfully.
The script's result page presents a list of certificates and keys it has generated. Contrary
to what the script outputs, the files have not been generated in the local directory conf,
but to the correct locations under /etc/apache2/.
The last step is to copy the CA certificate file from /etc/apache2/ssl.crt/ca
.crt to a location where your users can access it in order to incorporate it into the list
of known and trusted CAs in their Web browsers. Otherwise a browser complains that
the certificate was issued by an unknown authority. The certificate is valid for one year.
IMPORTANT: Self-Signed Certificates
Only use a self-signed certificate on a Web server that is accessed by people
who know and trust you as a certificate authority. It is not recommended to
use such a certificate on a public shop, for example.
Getting an Officially Signed Certificate
There are a number of official certificate authorities that sign your certificates. The
certificate is signed by a trustworthy third party, so can be fully trusted. Publicly oper-
ating secure Web servers usually have got an officially signed certificate.
The best-known official CAs are Thawte (http://www.thawte.com/) or Verisign
(http://www.verisign.com). These and other CAs are already compiled into
all browsers, so certificates signed by these certificate authorities are automatically ac-
cepted by the browser.
The Apache HTTP Server
777
Advertisement
Table of Contents
Troubleshooting
Related Manuals for Novell LINUX ENTERPRISE SERVER 10 SP2 - INSTALLATION AND ADMINISTRATION
Related Products for Novell LINUX ENTERPRISE SERVER 10 SP2 - INSTALLATION AND ADMINISTRATION
- NOVELL BUSINESS CONTINUITY CLUSTERING 1.0 - ADMINISTRATION
- NOVELL CLIENT 1.0 FOR LINUX - README
- NOVELL SENTINEL LOG MANAGER 1.0.0.4 - S
- NOVELL SENTINEL LOG MANAGER 1.0.0.5 - S
- NOVELL ZENWORKS 10 ASSET MANAGEMENT SP3 - MIGRATION GUIDE 10.3 23-03-2010
- NOVELL ZENWORKS 10 CONFIGURATION MANAGEMENT SP3 - COMMAND LINE UTILITIES REFERENCE 10.3 30-03-2010
- NOVELL ZENWORKS 10 CONFIGURATION MANAGEMENT SP3 - PREBOOT SERVICES AND IMAGING REFERENCE 10.3 16-04-2010
- NOVELL ZENWORKS 10 CONFIGURATION MANAGEMENT SP3 - ZENWORKS REPORTING SERVER 10.3 30-04-2010
- NOVELL ZENWORKS 7.2 LINUX MANAGEMENT - SCENARIOS 1 03-30-2007
- NOVELL OPEN WORKGROUP SUITE SMALL BUSINESS EDITION 9.3 - ADMINISTRATION 10-2007
- Novell SUSELINUX ENTERPRISE DESKTOP 10 KDE
- Novell SUSE LINUX ENTERPRISE DESKTOP 10 SP1 KDE
- Novell LINUX ENTERPRISE 10 SP1 - LINUX AUDIT
- NOVELL BUSINESS CONTINUITY CLUSTERING FOR NETWARE 1.1 - ADMINISTRATION
- NOVELL DATA SYNCHRONIZER - UPDATE 1
- NOVELL LINUX ENTERPRISE DESKTOP 11 - KDE