[CentOS] Creating your own CA and SSL certificates

Tue Aug 28 00:34:18 UTC 2007
Patrick <centos-list at puzzled.xs4all.nl>

On Mon, 2007-08-27 at 16:48 -0700, Kenneth Porter wrote:
> On Monday, August 27, 2007 5:19 PM -0400 Brian Mathis 
> <brian.mathis at gmail.com> wrote:
> 
> > I've found the /etc/pki directory, but can't find much information
> > about it.  I reviewed the openssl.cnf file, and it looks like it's not
> > completely set up, as many directories it references do not exist on
> > the system.
> 
> A good place to start is /etc/pki/tls/certs/Makefile.
> 
> I've just started using CentOS5, migrating from Fedora, so I'm not yet up 
> to speed on the relocation of OpenSSL from /usr/share/openssl to 
> /etc/pki/tls, but that Makefile is mostly what I used to create self-signed 
> certs, or I used variations of the commands it suggested.

I spent a couple of hours today trying to figure out how to make self
signed certs such that browsing to https://localhost would show the page
without complaining about not knowing the CA that issued the site's
certificate. If you bump into the solution I would appreciate it if you
could reply to this thread.

Regards,
Patrick