[thelist] Homegrown SSL

Ken Schaefer ken at adOpenStatic.com
Wed Mar 24 05:28:37 CST 2004


----- Original Message ----- 
From: "Liam Delahunty" <liam at megaproducts.co.uk>
To: <thelist at lists.evolt.org>
Sent: Wednesday, March 24, 2004 8:31 PM
Subject: Re: [thelist] Homegrown SSL


: on 24/03/2004 08:41 david.landy wrote:
: > Rob,
: >
: > "Home grown SSL cert"? Sounds v intruiging! I've often wondered how I
could
: > save myself forking out hundreds of £££ just for the privilege of having
a
: > secure site. Any clues how to do this?
: >
: > David
:
: A search with homegrown SSL led to the links below.
:
: to create your own CA:
: http://www.pseudonym.org/ssl/ssl_cook.html
:
: Just to generate the cert on a server:
: http://www.pseudonym.org/ssl/ssl_server_certs.html#request
:
: http://www.tiad.buffalo.edu/CertRequest.html
:
: Apache-SSL,
: http://www.verisign.com/support/tlc/csr/ssleay/v01.html
: apache mod_ssl
: http://www.verisign.com/support/tlc/csr/modssl/v00.html
:
: These are self signed certificates, for an example visit the site
: https://www.onlinesales.co.uk/ and you'll probably get a pop-up from
: your browser telling you the certificate is okay but you haven't chosen
: to trust the CA. That's why we pay for thawte etc certs as they are
: already trusted by most browsers. I've not used them but a cheaper
: alternative is geotrust.


And for IIS & Certificates Services:
http://www.pseudonym.org/ssl/ssl_cook.html
or, if you do not want a CA, you can generate a self-signed cert:
http://www.microsoft.com/downloads/details.aspx?FamilyID=56fc92ee-a71a-4c73-b628-ade629c89499&DisplayLang=en

Cheers
Ken



More information about the thelist mailing list