113 lines
4.1 KiB
HTML
113 lines
4.1 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
|
|
<HTML>
|
|
<HEAD>
|
|
<META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
|
|
<TITLE>Building a Secure RedHat Apache Server HOWTO: Purpose/Scope of this Guide</TITLE>
|
|
<LINK HREF="SSL-RedHat-HOWTO-2.html" REL=next>
|
|
|
|
<LINK HREF="SSL-RedHat-HOWTO.html#toc1" REL=contents>
|
|
</HEAD>
|
|
<BODY>
|
|
<A HREF="SSL-RedHat-HOWTO-2.html">Next</A>
|
|
Previous
|
|
<A HREF="SSL-RedHat-HOWTO.html#toc1">Contents</A>
|
|
<HR>
|
|
<H2><A NAME="s1">1. Purpose/Scope of this Guide</A></H2>
|
|
|
|
<P>The purpose of this guide is to assist RedHat Linux users with the
|
|
installation of server (SSL) certificates using the Apache web server. The
|
|
goal is to provide a clear procedure that will save time and, in many cases,
|
|
money!
|
|
<P>
|
|
<P>First, I will cover what you need to know about the SSL protocol and
|
|
digital certificates. In my experience, building an Apache web server with
|
|
ModSSL and OpenSSL is the most beneficial software combination. OpenSSL is
|
|
a general-purpose cryptography library that supports the SSL v2/v3 and TLS
|
|
v1 protocols. ModSSL is an Apache API module designed to act as an
|
|
interface between Apache and OpenSSL. The biggest advantage is that all
|
|
three packages are free.
|
|
<P>
|
|
<P>Then, beginning with Section 4, I will go through the step-by-step
|
|
procedures for generating keys and installing certificates on a
|
|
RedHat-Apache server compiled with ModSSL and OpenSSL. The procedures in
|
|
Section 4 will also work with commercial SSL-server packages such as
|
|
Stronghold and Raven that are closely related to Apache.
|
|
<P>
|
|
<P>Disclaimer: I am a technical support engineer for Equifax Secure Inc., a
|
|
Certificate Authority. Therefore, I use Equifax Secure certificates and
|
|
examples geared towards installing Equifax Secure certificates. However,
|
|
the instructions will also work with certificates issued by other
|
|
Certificate Authorities. Since this document was written at my own
|
|
initiative, Equifax Secure Inc. is neither liable nor accountable for any
|
|
consequences resulting from the use of these procedures.
|
|
<P>
|
|
<!--
|
|
(your index root)!introduction
|
|
-->
|
|
|
|
<P><EM>My comments to the reader is in this style (emphasized)</EM>.
|
|
<P><CODE>Example lines are in plain roman style</CODE>.
|
|
<P><EM>Note that extra comments and advice is found in comments
|
|
within the SGML source.</EM>
|
|
<P>
|
|
<P>
|
|
<H2><A NAME="ss1.1">1.1 About Secure Sockets Layer (SSL)</A>
|
|
</H2>
|
|
|
|
<P>SSL is a presentation layer service, located between the TCP and the
|
|
application layer. It is platform and application independent. SSL is
|
|
responsible for the management of a secure communications channel between
|
|
the client and server. SSL provides a strong mechanism for encrypting data
|
|
transferred between a client and a server.
|
|
<P>
|
|
<P>
|
|
<H2><A NAME="ss1.2">1.2 FeedBack</A>
|
|
</H2>
|
|
|
|
<P>Comments on this guide may be directed to the author
|
|
(<CODE>richard.sigle@equifax.com</CODE>).
|
|
<P>
|
|
<P>
|
|
<H2><A NAME="ss1.3">1.3 Copyrights and Trademarks</A>
|
|
</H2>
|
|
|
|
<P>Copyright (c) 2001 by Richard L. Sigle
|
|
<P>
|
|
<P>Please freely copy and distribute this document in any format. It's
|
|
requested that corrections and/or comments be forwarded to the document
|
|
maintainer. You may create a derivative work and distribute it provided that
|
|
you:
|
|
<UL>
|
|
<LI>Send your derivative work (in the most suitable format such as sgml)
|
|
to the
|
|
<A HREF="http://www.LinuxDoc.org/">LDP</A> (Linux
|
|
Documentation Project) or the like for posting on the
|
|
Internet. If not the LDP, then let the LDP know where it is available.</LI>
|
|
<LI>License the derivative work with this same license or use GPL. Include
|
|
a copyright notice and at least a pointer to the license used.</LI>
|
|
<LI>Give due credit to previous authors and major contributors.</LI>
|
|
</UL>
|
|
<P>
|
|
<P>
|
|
<P>If you're considering making a derived work other than a translation, it's
|
|
requested that you discuss your plans with the current maintainer.
|
|
<P>
|
|
<!--
|
|
(your index root)!news on
|
|
-->
|
|
<P>
|
|
<H2><A NAME="ss1.4">1.4 Acknowledgements and Thanks</A>
|
|
</H2>
|
|
|
|
<P>I would like to thank Tony Villasenor for tirelessly reading my drafts and
|
|
offering his input and advice. Without Tony, this document would never have
|
|
been finished.
|
|
<P>
|
|
<P>
|
|
<HR>
|
|
<A HREF="SSL-RedHat-HOWTO-2.html">Next</A>
|
|
Previous
|
|
<A HREF="SSL-RedHat-HOWTO.html#toc1">Contents</A>
|
|
</BODY>
|
|
</HTML>
|