This is RedHat''s answer from Tech Support... Thought you''d
find it
interesting:
The test certificate generation was removed from the Red Hat 6.1
Professinal Edition due to licensing issues with the encryption, however
you can download a free test certificate from www.thawt.com or
verisign.com (The thawt one lasts 30 days, verisign lasts 24 hours) This
should allow you to use the SSL temporarily until you purchase a full SSL
key.
-----Original Message-----
From: Mark P. [mailto:markp@pitnet.net]
Sent: Monday, January 03, 2000 10:27 AM
To: redhat-secure-server@redhat.com
Subject: Re: make testcert problem!
Subject: RE: make testcert
Resent-Date: 6 Dec 1999 17:37:00 -0000
Resent-From: redhat-secure-server@redhat.com
Resent-CC: recipient list not shown: ;
Date: Mon, 6 Dec 1999 11:34:49 -0600
From: "Morris, Joel"
<jmorri15@sprintspectrum.com>
Reply-To: redhat-secure-server@redhat.com
To: "''Timothy Ayodele''"
<toa@ttns.net>,
redhat-secure-server@redhat.com
CC: "Morris, Joel"
<jmorri15@sprintspectrum.com>
Sorry,
I missed a flag.
It should be
/usr/sbin/openssl req -new -x509 -key ssl.key/server.key -out
ssl.crt/server.crt
Instead of
/usr/sbin/openssl req -new -key ssl.key/server.key -out ssl.crt/server.crt
Hope this works,
Joel
Gene Harris wrote:
> On 3 Jan 2000, Kevin U. wrote:
>
> > Everything went fine until I was trying to create a "test"
certificate.
In the> > /etc/httpd/conf directory, the command "make testcert"
returned:
> >
> > "NO RULE: for make testcert, EXITED" error.
> >
> > I tried just "make" and it returned something telling me to
use either
"make> > genkey" or "make certreq" BUT no make testcert??
> >
> > Need some pointers. Thanks!
> >
>
> I had the same issue. The Makefile does not have an entry
> for testcert, and Redhat had not filed any errata back in
> November when I installed.
>
> I ended up getting a test certificate from Verisign.
>
> Gene Harris
>
> --
> PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> http://www.redhat.com http://archive.redhat.com
> To unsubscribe: mail redhat-secure-server-request@redhat.com with
> "unsubscribe" as the Subject.
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com http://archive.redhat.com
To unsubscribe: mail redhat-secure-server-request@redhat.com with
"unsubscribe" as the Subject.
Actually, now that Thwarte is owned by VeriSign, you can only get a test cert from VeriSign (www.verisign.com). DAVID At 10:33 AM 1/4/00 -0500, you wrote:>This is RedHat''s answer from Tech Support... Thought you''d find it >interesting: > >The test certificate generation was removed from the Red Hat 6.1 >Professinal Edition due to licensing issues with the encryption, however >you can download a free test certificate from www.thawt.com or >verisign.com (The thawt one lasts 30 days, verisign lasts 24 hours) This >should allow you to use the SSL temporarily until you purchase a full SSL >key. > >-----Original Message----- >From: Mark P. [mailto:markp@pitnet.net] >Sent: Monday, January 03, 2000 10:27 AM >To: redhat-secure-server@redhat.com >Subject: Re: make testcert problem! > > >Subject: RE: make testcert > Resent-Date: 6 Dec 1999 17:37:00 -0000 > Resent-From: redhat-secure-server@redhat.com > Resent-CC: recipient list not shown: ; > Date: Mon, 6 Dec 1999 11:34:49 -0600 > From: "Morris, Joel" <jmorri15@sprintspectrum.com> > Reply-To: redhat-secure-server@redhat.com > To: "''Timothy Ayodele''" <toa@ttns.net>, >redhat-secure-server@redhat.com > CC: "Morris, Joel" <jmorri15@sprintspectrum.com> > >Sorry, > >I missed a flag. > >It should be >/usr/sbin/openssl req -new -x509 -key ssl.key/server.key -out >ssl.crt/server.crt > >Instead of >/usr/sbin/openssl req -new -key ssl.key/server.key -out ssl.crt/server.crt > >Hope this works, > >Joel > >Gene Harris wrote: > > > On 3 Jan 2000, Kevin U. wrote: > > > > > Everything went fine until I was trying to create a "test" certificate. >In the > > > /etc/httpd/conf directory, the command "make testcert" returned: > > > > > > "NO RULE: for make testcert, EXITED" error. > > > > > > I tried just "make" and it returned something telling me to use either >"make > > > genkey" or "make certreq" BUT no make testcert?? > > > > > > Need some pointers. Thanks! > > > > > > > I had the same issue. The Makefile does not have an entry > > for testcert, and Redhat had not filed any errata back in > > November when I installed. > > > > I ended up getting a test certificate from Verisign. > > > > Gene Harris > > > > -- > > PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES! > > http://www.redhat.com http://archive.redhat.com > > To unsubscribe: mail redhat-secure-server-request@redhat.com with > > "unsubscribe" as the Subject. > > >-- > PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES! > http://www.redhat.com http://archive.redhat.com > To unsubscribe: mail redhat-secure-server-request@redhat.com with > "unsubscribe" as the Subject. > > >-- > PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES! > http://www.redhat.com http://archive.redhat.com > To unsubscribe: mail redhat-secure-server-request@redhat.com with > "unsubscribe" as the Subject.--------------------------------------------------- David A. Lane, CNE Technical Director ManTech International Corp. +1.703.218.6367 VOICE +1.703.218.8391 FAX PGP ID: 679DF4EE
Just for clarification, I hope I''m right. I got a test certificate from Verisign right after Christmas. It is good for 14 days, not 24 hours. Kelley On Tue, 4 Jan 2000, Dan Mount wrote:> This is RedHat''s answer from Tech Support... Thought you''d find it > interesting: > > The test certificate generation was removed from the Red Hat 6.1 > Professinal Edition due to licensing issues with the encryption, however > you can download a free test certificate from www.thawt.com or > verisign.com (The thawt one lasts 30 days, verisign lasts 24 hours) This > should allow you to use the SSL temporarily until you purchase a full SSL > key. > > -----Original Message----- > From: Mark P. [mailto:markp@pitnet.net] > Sent: Monday, January 03, 2000 10:27 AM > To: redhat-secure-server@redhat.com > Subject: Re: make testcert problem! > > > Subject: RE: make testcert > Resent-Date: 6 Dec 1999 17:37:00 -0000 > Resent-From: redhat-secure-server@redhat.com > Resent-CC: recipient list not shown: ; > Date: Mon, 6 Dec 1999 11:34:49 -0600 > From: "Morris, Joel" <jmorri15@sprintspectrum.com> > Reply-To: redhat-secure-server@redhat.com > To: "''Timothy Ayodele''" <toa@ttns.net>, > redhat-secure-server@redhat.com > CC: "Morris, Joel" <jmorri15@sprintspectrum.com> > > Sorry, > > I missed a flag. > > It should be > /usr/sbin/openssl req -new -x509 -key ssl.key/server.key -out > ssl.crt/server.crt > > Instead of > /usr/sbin/openssl req -new -key ssl.key/server.key -out ssl.crt/server.crt > > Hope this works, > > Joel > > Gene Harris wrote: > > > On 3 Jan 2000, Kevin U. wrote: > > > > > Everything went fine until I was trying to create a "test" certificate. > In the > > > /etc/httpd/conf directory, the command "make testcert" returned: > > > > > > "NO RULE: for make testcert, EXITED" error. > > > > > > I tried just "make" and it returned something telling me to use either > "make > > > genkey" or "make certreq" BUT no make testcert?? > > > > > > Need some pointers. Thanks! > > > > > > > I had the same issue. The Makefile does not have an entry > > for testcert, and Redhat had not filed any errata back in > > November when I installed. > > > > I ended up getting a test certificate from Verisign. > > > > Gene Harris > > > > -- > > PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES! > > http://www.redhat.com http://archive.redhat.com > > To unsubscribe: mail redhat-secure-server-request@redhat.com with > > "unsubscribe" as the Subject. > > > -- > PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES! > http://www.redhat.com http://archive.redhat.com > To unsubscribe: mail redhat-secure-server-request@redhat.com with > "unsubscribe" as the Subject. > > > -- > PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES! > http://www.redhat.com http://archive.redhat.com > To unsubscribe: mail redhat-secure-server-request@redhat.com with > "unsubscribe" as the Subject. >
You can get test and signed certificates from any Certificate Authority that you choose. The Red Hat Apache/SSL Server documentation covered VeriSign and Thawte as examples of how to go about getting certificates, but you can get certificates from other sources. For example, you can get a free test certificate and you can get non-free signed certificates from Equifax: http://www.equifaxsecure.com/ebusinessid/index.html Carole Williams Technical Writer Red Hat, Inc. On Tue, 4 Jan 2000, David A. Lane wrote:> Actually, now that Thwarte is owned by VeriSign, you can only get a test > cert from VeriSign (www.verisign.com). > > DAVID > > At 10:33 AM 1/4/00 -0500, you wrote: > >This is RedHat''s answer from Tech Support... Thought you''d find it > >interesting: > > > >The test certificate generation was removed from the Red Hat 6.1 > >Professinal Edition due to licensing issues with the encryption, however > >you can download a free test certificate from www.thawt.com or > >verisign.com (The thawt one lasts 30 days, verisign lasts 24 hours) This > >should allow you to use the SSL temporarily until you purchase a full SSL > >key. > > > >-----Original Message----- > >From: Mark P. [mailto:markp@pitnet.net] > >Sent: Monday, January 03, 2000 10:27 AM > >To: redhat-secure-server@redhat.com > >Subject: Re: make testcert problem! > > > > > >Subject: RE: make testcert > > Resent-Date: 6 Dec 1999 17:37:00 -0000 > > Resent-From: redhat-secure-server@redhat.com > > Resent-CC: recipient list not shown: ; > > Date: Mon, 6 Dec 1999 11:34:49 -0600 > > From: "Morris, Joel" <jmorri15@sprintspectrum.com> > > Reply-To: redhat-secure-server@redhat.com > > To: "''Timothy Ayodele''" <toa@ttns.net>, > >redhat-secure-server@redhat.com > > CC: "Morris, Joel" <jmorri15@sprintspectrum.com> > > > >Sorry, > > > >I missed a flag. > > > >It should be > >/usr/sbin/openssl req -new -x509 -key ssl.key/server.key -out > >ssl.crt/server.crt > > > >Instead of > >/usr/sbin/openssl req -new -key ssl.key/server.key -out ssl.crt/server.crt > > > >Hope this works, > > > >Joel > > > >Gene Harris wrote: > > > > > On 3 Jan 2000, Kevin U. wrote: > > > > > > > Everything went fine until I was trying to create a "test" certificate. > >In the > > > > /etc/httpd/conf directory, the command "make testcert" returned: > > > > > > > > "NO RULE: for make testcert, EXITED" error. > > > > > > > > I tried just "make" and it returned something telling me to use either > >"make > > > > genkey" or "make certreq" BUT no make testcert?? > > > > > > > > Need some pointers. Thanks! > > > > > > > > > > I had the same issue. The Makefile does not have an entry > > > for testcert, and Redhat had not filed any errata back in > > > November when I installed. > > > > > > I ended up getting a test certificate from Verisign. > > > > > > Gene Harris > > > > > > -- > > > PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES! > > > http://www.redhat.com http://archive.redhat.com > > > To unsubscribe: mail redhat-secure-server-request@redhat.com with > > > "unsubscribe" as the Subject. > > > > > >-- > > PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES! > > http://www.redhat.com http://archive.redhat.com > > To unsubscribe: mail redhat-secure-server-request@redhat.com with > > "unsubscribe" as the Subject. > > > > > >-- > > PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES! > > http://www.redhat.com http://archive.redhat.com > > To unsubscribe: mail redhat-secure-server-request@redhat.com with > > "unsubscribe" as the Subject. > > --------------------------------------------------- > David A. Lane, CNE > Technical Director > ManTech International Corp. > +1.703.218.6367 VOICE > +1.703.218.8391 FAX > PGP ID: 679DF4EE > > > -- > PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES! > http://www.redhat.com http://archive.redhat.com > To unsubscribe: mail redhat-secure-server-request@redhat.com with > "unsubscribe" as the Subject. >
On Tue, 4 Jan 2000 14:14:13 -0500 (EST), apache@tellico.net wrote:> Just for clarification, I hope I''m right. I got a test certificate from >Verisign right after Christmas. It is good for 14 days, not 24 hours.>> The test certificate generation was removed from the Red Hat 6.1 >> Professinal Edition due to licensing issues with the encryption, however >> you can download a free test certificate from www.thawt.com or >> verisign.com (The thawt one lasts 30 days, verisign lasts 24 hours) This >> should allow you to use the SSL temporarily until you purchase a full SSL >> key.So they split the difference? ;) Homer Parker (The Bogus One) http://www.homershut.net telnet://bbs.homershut.net Get PAID to surf the ''Net! http://www.alladvantage.com/go.asp?refid=AXU272 "We don''t leave backdoors in any products." - Microsoft Windows NT security product manager Scott Culp.