Ftp web hosting - Chapter 6 . Securing Linux 223 Each signing
Chapter 6 . Securing Linux 223 Each signing authority has different deals, prices, and products. Check out each of the signing authorities listed in the Using Third-Party Certificate Signers section earlier in this chapter to determine which works best for you. The following are areas where signing authorities differ: . Credibility and stability . Pricing . Browser recognition . Warranties . Support . Certificate strength For good comparisons, studies, and inside information to make the job of finding an SSL signer easier, go to www.whichssl.org. Creating a Certificate Service Request To create a third-party validated SSL certificate, you start with a Certificate Service Request (CSR). To create a CSR, do the following on your Web server: # cd /etc/httpd/conf # make certreq umask 77 ; /usr/bin/openssl genrsa -des3 1024 > /etc/httpd/conf/ssl.key/server.key … You are asked to enter a password to secure your private key. This password should be at least eight characters long, and should not be a dictionary word or contain numbers or punctuation. The characters you type do not appear on the screen to prevent someone from shoulder surfing your password. Enter the password once again to verify. The certificate generation process now begins. At this point, it is time to start adding some identifying information to the certificate that the third-party source will later validate. Before you can do this, you must unlock the private key you just created. Do so by typing the password you just created. Then enter information as you are prompted. Here s an example of a session for adding information for a certificate: Enter pass phrase for /etc/httpd/conf/ssl.key/server.key: You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN.
Visit our web design programs services for an affordable and reliable webhost to suit all your needs.