
Bug#512778: Info on file permissions on ssl certificates



Dear Debian folks,


On Friday, 23.01.2009 at 17:41 +0100, Paul Menzel wrote:

> Could you please elaborate on the SSL part.
> 
> I used make-ssl-cert from the ssl-cert package as described. But one
> thing is not clear for me.
> 
> The snakeoil key file is stored under /etc/ssl/private/ which is only
> readable by root. The pem-file is readable by everyone.
> 
> $ ls -l /etc/ssl/certs/ssl-cert-snakeoil.pem 
> -rw-r--r-- 1 root root 631 2009-01-21 19:14 /etc/ssl/certs/ssl-cert-snakeoil.pem
> 
> 1st question. Is there also a *.crt file created by default as the other
> files seem to be symlinks to crt-files (ca-certificates)? If not, why
> not?

Running make-ssl-cert with custom setting also creates only a symbolic
link (pem) which is associated with the crt file.

> 2nd question. When I create another certificate for a different host
> name, a crt file is stored somewhere. Is there a location recommended by
> the FHS? /etc/?
> 
> 3rd question. The created file is readable and writable by root only. I
> tried it out and it worked, but how can it be read by www-data the user
> for running apache?


Thanks,

Paul
