From 0ec93a585fb52894b76953291e90f5b41f3b543e Mon Sep 17 00:00:00 2001 From: Bob Beck Date: Wed, 29 Sep 1999 06:29:52 +0000 Subject: import apache 1.3.27 and mod_ssl 2.8.11 --- usr.sbin/httpd/conf/ssl.crt/README.CRT | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 usr.sbin/httpd/conf/ssl.crt/README.CRT (limited to 'usr.sbin/httpd/conf/ssl.crt/README.CRT') diff --git a/usr.sbin/httpd/conf/ssl.crt/README.CRT b/usr.sbin/httpd/conf/ssl.crt/README.CRT new file mode 100644 index 00000000000..9bf07a58a13 --- /dev/null +++ b/usr.sbin/httpd/conf/ssl.crt/README.CRT @@ -0,0 +1,33 @@ + + This is the ssl.crt/ directory of Apache/mod_ssl + where PEM-encoded X.509 Certificates for SSL are stored. + + Per default the following two files are provided: + + o server.crt: + This is the server certificate for Apache/mod_ssl, configured with the + SSLCertificateFile directive. Per default this is a dummy file, but may be + overwritten by the `make certificate' target under built-time. + + o snakeoil.crt: + This is the _DEMONSTRATION ONLY_ `Snake Oil' dummy server certificate. + NEVER USE THIS FOR REAL LIFE! INSTEAD USE A REAL CERTIFICATE! + + o snakeoil-ca.crt: + This is the certificate of the _DEMONSTRATION ONLY_ `Snake Oil' Certificate + Authority. This CA is used to sign the server.crt on `make certificate' + because self-signed server certificates are not accepted by all browsers. + NEVER USE THIS CA YOURSELF FOR REAL LIFE! INSTEAD EITHER USE A PUBLICALLY + KNOWN CA OR CREATE YOUR OWN CA! + + o ca-bundle.crt: + This is a bundle of CA root certificate for Apache/mod_ssl, configurable + with the SSLCACertificateFile directive. Per default it's disabled but can + be enabled for client authentication when the clients use certificates + signed by one of the commonly known public Certificate Authorities. + + You can view the ingredients of a particular certificate file in plain text + by running the command: + + $ openssl x509 -noout -text -in .crt + -- cgit v1.2.3