On Mon, 2007-08-27 at 16:48 -0700, Kenneth Porter wrote: > On Monday, August 27, 2007 5:19 PM -0400 Brian Mathis > <brian.mathis at gmail.com> wrote: > > > I've found the /etc/pki directory, but can't find much information > > about it. I reviewed the openssl.cnf file, and it looks like it's not > > completely set up, as many directories it references do not exist on > > the system. > > A good place to start is /etc/pki/tls/certs/Makefile. > > I've just started using CentOS5, migrating from Fedora, so I'm not yet up > to speed on the relocation of OpenSSL from /usr/share/openssl to > /etc/pki/tls, but that Makefile is mostly what I used to create self-signed > certs, or I used variations of the commands it suggested. I spent a couple of hours today trying to figure out how to make self signed certs such that browsing to https://localhost would show the page without complaining about not knowing the CA that issued the site's certificate. If you bump into the solution I would appreciate it if you could reply to this thread. Regards, Patrick