TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [TCLUG:18208] SSL tutorial
- To: tclug-list@mn-linux.org
- Subject: Re: [TCLUG:18208] SSL tutorial
- From: David Carter <dcarter@visi.com>
- Date: Fri, 26 May 2000 13:34:48 -0500
- In-Reply-To: <Pine.GSO.4.10.10005261326231.22846-100000@isis.visi.com>; from Timothy Wilson on Fri, May 26, 2000 at 01:27:01PM -0500
- References: <20000526125702.F3504@visi.com> <Pine.GSO.4.10.10005261326231.22846-100000@isis.visi.com>
- User-Agent: Mutt/0.96.1i
On Fri, May 26, 2000 at 01:27:01PM -0500, Timothy Wilson wrote:
> On Fri, 26 May 2000, David Carter wrote:
>
> > Have you looked at the mod_ssl documentation yet? I set it up a while back,
> > and I don't recall it as being terribly difficult. You just need OpenSSL
> > already installed, and the rest is pretty easy. The main thing you need to
> > get is a server certificate (from Verisign or Thawte, usually) which
> > identifies the server. Once you have that, it's no harder than adding any
> > other Apache module. (The best way is to use apxs...)
>
> OK, that doesn't seem too bad. How much does the certificate cost? Is it a
> one-time fee or a subscription?
The usual renewal term is 1 year. As I recall, Thawte was ~$175 per year,
and Verisign was ~4-5 times that. It's not something I'd pay for as an
individual, but an organization is entirely different. If you just want to
play around with SHTTP, there's scattered documentation on making a
certificate signed by a bogus CA you create. (When browsers go to it,
they'll pop up a warning window about it being an untrusted site until the
user imports the cert for the CA you created, or you get an 'official'
cert.)
--
David Carter ** dcarter@visi.com
Network Engineer -- VISI.com
PGP Key 581CBE61: E07EE199C767C752 8A8B1A9F015BF2EA
Key available by finger or www.keyserver.net.