3,704
edits
Changes
Jump to navigation
Jump to search
mLine 1:
Line 1: − Extracted from: http://forums.contribs.org/index.php?topic=34624.0+ + + − Author: slords − updated: unnilennium (http://bugs.contribs.org/show_bug.cgi?id=1370)+ + + + + + + + Line 11:
Line 19: − Make a file named <b>cacert_csr_request</b>+ + + Line 115:
Line 125: − + + Line 139:
Line 150: − + − + + + + + +
Add Ctegory security and note
{{usefulnote}}
== Introduction ==
From [http://en.wikipedia.org/wiki/CAcert.org wikipedia]
<nowiki>
CAcert.org is a community-driven certificate authority that issues free public key certificates to the public (unlike other certificate authorities which are commercial and sell certificates). CAcert has over 200,000 verified users and has issued nearly 800,000 certificates as of January 2012. These certificates can be used to digitally sign and encrypt email, authenticate and authorize users connecting to websites and secure data transmission over the Internet. Any application that supports the Secure Socket Layer (SSL) can make use of certificates signed by CAcert, as can any application that uses X.509 certificates, e.g. for encryption or code signing and document signatures.
</nowiki>
== Prerequisites ==
* An account on cacert.org
** Your domain(s) registered on your CAcert.org account
== creating .csr and .key files ==
== creating .csr and .key files ==
cd ~/cacert
cd ~/cacert
* Create a file named cacert_csr_request
nano -w cacert_csr_request
#!/usr/bin/perl
#!/usr/bin/perl
== obtain .crt file from cacert==
== obtain .crt file from cacert==
*Paste the output into the cacert.org website and get your certificate
*Log into you account on the cacert.org and Add your FQDN under domains
*and paste the output of the belowcommand under new server certificate
cat {domain}.csr
cat {domain}.csr
signal-event reboot
signal-event reboot
or alternatively, this should works:
or if you do not want to reboot your server:
signal-event domain-update
signal-event domain-modify
signal-event email-update
signal-event email-update
Once you have created/installed this certificate then if the client has the cacert.org root certificate installed then they should be able to go to any domain on your box and not get a warning.
Once you have created/installed this certificate then if the client has the cacert.org root certificate installed then they should be able to go to any domain on your box and not get a warning.
== References ==
* Extracted from: http://forums.contribs.org/index.php?topic=34624.0 (slords)
* http://bugs.contribs.org/show_bug.cgi?id=1370 (unnilennium)
----
----
[[Category:Howto]]
[[Category:Howto]]
[[Category:Administration:Certificates]]
[[Category:Administration:Certificates]]
[[Category:Security]]