On Mon, 2007-08-27 at 16:48 -0700, Kenneth Porter wrote:
On Monday, August 27, 2007 5:19 PM -0400 Brian Mathis brian.mathis@gmail.com wrote:
I've found the /etc/pki directory, but can't find much information about it. I reviewed the openssl.cnf file, and it looks like it's not completely set up, as many directories it references do not exist on the system.
A good place to start is /etc/pki/tls/certs/Makefile.
I've just started using CentOS5, migrating from Fedora, so I'm not yet up to speed on the relocation of OpenSSL from /usr/share/openssl to /etc/pki/tls, but that Makefile is mostly what I used to create self-signed certs, or I used variations of the commands it suggested.
I spent a couple of hours today trying to figure out how to make self signed certs such that browsing to https://localhost would show the page without complaining about not knowing the CA that issued the site's certificate. If you bump into the solution I would appreciate it if you could reply to this thread.
Regards, Patrick