summaryrefslogtreecommitdiff
path: root/share
diff options
context:
space:
mode:
authorBob Beck <beck@cvs.openbsd.org>2000-10-24 21:50:25 +0000
committerBob Beck <beck@cvs.openbsd.org>2000-10-24 21:50:25 +0000
commitb20e2335aef9c38d8580cc807ce37960701570c4 (patch)
tree4a17e078e76be4dbe3cc98de6e128facebb1a5a3 /share
parentfd24d8ad40593cf260b24d82e66636e78182ac51 (diff)
Add the punchline to the procedure for making web server certificates
to indicate that people should test their server with a self signed certificate, then simply replace the certificate with a real one to go production.
Diffstat (limited to 'share')
-rw-r--r--share/man/man8/ssl.813
1 files changed, 12 insertions, 1 deletions
diff --git a/share/man/man8/ssl.8 b/share/man/man8/ssl.8
index cd1111c0b6b..285b6a1482d 100644
--- a/share/man/man8/ssl.8
+++ b/share/man/man8/ssl.8
@@ -172,7 +172,18 @@ with the
.Ar -DSSL
flag, enabling
.Ar https
-transactions with your machine on port 443.
+transactions with your machine on port 443.
+.Pp
+You will most likely want to generate a self-signed certificate in the
+manner above along with your certificate signing request to test your
+server's functionality even if you are going to have the certificate
+signed by another Certifying Authority. Once your Certifying
+Authority returns the signed certificate to you, you can switch to
+using the new certificate by replacing the self-signed
+.Pa /etc/ssl/server.crt
+with the certificate signed by your Certifying Authority, and then
+restarting
+.Xr httpd 8
.Sh BUGS
.Pp
The world needs more