-----Original Message----- From: Andy Buckley [mailto:Andy.Buckley@xxxxxxxxxxxx] Sent: Wednesday, June 21, 2006 13:48 To: users@xxxxxxxxxxxxxxxx Subject: Re: [users@httpd] Certificates and keys Savage, Robert CTR USTRANSCOM J6 wrote: > I'm reconstructing a web site and having certificate trouble. > http://localhost/ displays the test file at DocumentRoot > "F:\www\Apache2\htdocs", but https://locahost/ gives me the old "The page > cannot be displayed" error. > > Is there a way to show that a file "server.key" is the private key for a > "server.cert" certificate? This is probably what you want: http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#verify Andy -- Dr Andy Buckley: CEDAR @ IPPP, Durham Work: www.cedar.ac.uk www.insectnation.org Andy, Thanks very much for the pointer. Now I must ask one last (and very ignorant) question: Do the following results really say that server.key doesn't go with server.cert? $ openssl x509 -noout -text -in server.cert | openssl md5 fc68929f3a1863b9f8870ea38a3c84cc $ openssl rsa -noout -modulus -in server.key | openssl md5 Enter pass phrase for server.key: c4f9ce1f4d8291507da0aaa805cab3fd $ openssl req -noout -modulus -in ../server.csr | openssl md5 c4f9ce1f4d8291507da0aaa805cab3fd I ask this question because I have several subdirectories each supposedly containing master copies of the server.cert and server.key files for our web servers. I've repeated the above sequence in each of those subdirectories with similar results: the server.key and server.csr files share common MD5s, but the server.cert file does not. If they should all have a common md5, then I believe I'll have to replace all my certificates. Bummer. --Doc
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
|