Novell LINUX ENTERPRISE SERVER 10 SP2 - INSTALLATION AND ADMINISTRATION Installation Manual page 796
Hide thumbs
Also See for LINUX ENTERPRISE SERVER 10 SP2 - INSTALLATION AND ADMINISTRATION:
- Manual (184 pages) ,
- Supplementary manual (50 pages) ,
- Quick manual (12 pages)
Table of Contents
Advertisement
When requesting an officially signed certificate, you do not send a certificate to the
CA. Instead, issue a Certificate Signing Request (CSR). To create a CSR, call the script
/usr/share/ssl/misc/CA.sh -newreq.
First the script asks for a password with which the CSR should be encrypted. Then you
are asked to enter a distinguished name. This requires you to answer a few questions,
such as country name or organization name. Enter valid data—everything you enter
here later shows up in the certificate and is checked. You do not need to answer every
question. If one does not apply to you or you want to leave it blank, use ".". Common
name is the name of the CA itself—choose a significant name, such as My company
CA. Last, a challenge password and an alternative company name must be entered.
Find the CSR in the directory from which you called the script. The file is named
newreq.pem.
40.6.2 Configuring Apache with SSL
The default port for SSL and TLS requests on the Web server side is 443. There is no
conflict between a "regular" Apache listening on port 80 and an SSL/TLS-enabled
Apache listening on port 443. In fact, HTTP and HTTPS can be run with the same
Apache instance. Usually separate virtual hosts are used to dispatch requests to port 80
and port 443 to separate virtual servers.
IMPORTANT: Firewall Configuration
Do not forget to open the firewall for SSL-enabled Apache on port 443. This
can be done with YaST as described in Section 43.4.1, "Configuring the Firewall
with YaST" (page 829).
To use SSL, it must be activated in the global server configuration. Open /etc/
sysconfig/apache2 in an editor and search for APACHE_MODULES. Add "ssl"
to the list of modules if it is not already present (mod_ssl is activated by default). Next,
search for APACHE_SERVER_FLAGS and add "SSL". If you have chosen to encrypt
your server certificate with a password, you should also increase the value for
APACHE_TIMEOUT, so you have enough time to enter the passphrase when Apache
starts. Restart the server to make these changes active. A reload is not sufficient.
778
Installation and Administration
Advertisement
Table of Contents
Troubleshooting
Related Manuals for Novell LINUX ENTERPRISE SERVER 10 SP2 - INSTALLATION AND ADMINISTRATION
Related Products for Novell LINUX ENTERPRISE SERVER 10 SP2 - INSTALLATION AND ADMINISTRATION
- NOVELL BUSINESS CONTINUITY CLUSTERING 1.0 - ADMINISTRATION
- NOVELL CLIENT 1.0 FOR LINUX - README
- NOVELL SENTINEL LOG MANAGER 1.0.0.4 - S
- NOVELL SENTINEL LOG MANAGER 1.0.0.5 - S
- NOVELL ZENWORKS 10 ASSET MANAGEMENT SP3 - MIGRATION GUIDE 10.3 23-03-2010
- NOVELL ZENWORKS 10 CONFIGURATION MANAGEMENT SP3 - COMMAND LINE UTILITIES REFERENCE 10.3 30-03-2010
- NOVELL ZENWORKS 10 CONFIGURATION MANAGEMENT SP3 - PREBOOT SERVICES AND IMAGING REFERENCE 10.3 16-04-2010
- NOVELL ZENWORKS 10 CONFIGURATION MANAGEMENT SP3 - ZENWORKS REPORTING SERVER 10.3 30-04-2010
- NOVELL ZENWORKS 7.2 LINUX MANAGEMENT - SCENARIOS 1 03-30-2007
- NOVELL OPEN WORKGROUP SUITE SMALL BUSINESS EDITION 9.3 - ADMINISTRATION 10-2007
- Novell SUSELINUX ENTERPRISE DESKTOP 10 KDE
- Novell SUSE LINUX ENTERPRISE DESKTOP 10 SP1 KDE
- Novell LINUX ENTERPRISE 10 SP1 - LINUX AUDIT
- NOVELL BUSINESS CONTINUITY CLUSTERING FOR NETWARE 1.1 - ADMINISTRATION
- NOVELL DATA SYNCHRONIZER - UPDATE 1
- NOVELL LINUX ENTERPRISE DESKTOP 11 - KDE