Hi,
We are considering a migration from IIS to apache2 on a win2k server. I
got mod_ssl up and running with a self-signed sertificate but I hit the
wall when I tried to reuse our existing certificate signed from a CA.
Unfortunately this is a show stopper.
I have only a .cer file:
openssl x509 -in <hostname>.crt -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:...
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=...
Validity
Not Before: ...
Not After : ...
Subject: C=...
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:...
Exponent: ...
X509v3 extensions:
X509v3 Authority Key Identifier:
keyid:36:...
X509v3 Subject Key Identifier:
7D:..
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: 1.3...
CPS: https://...
X509v3 CRL Distribution Points:
URI:http://...
URI:http://...
email:...
Netscape Cert Type:
SSL Client, SSL Server
Signature Algorithm: sha1WithRSAEncryption
18:...
-----BEGIN CERTIFICATE-----
MIIF...
-----END CERTIFICATE-----
I copied the <hostname>.crt to Apache2\conf\ssl but when I started Apache
I got :
[Tue Nov 22 10:56:20 2005] [error] Init: SSLPassPhraseDialog builtin is
not supported on Win32 (key file C:/Program Files/Apache
Group/Apache2/conf/ssl/<hostname>.crt)
I do not have neither the certificate signing request not the private key
for this certificate. Is it possible to reuse it in Apache? How?
TIA
Vesselin
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|