Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apache Auth and Self-signed Cert Tutorials with FreeBSD

Posted by timothy on from the your-very-own-comp-list dept.

nullroute writes: " BSDVault has posted a solid tutorial on using Self-signed Certificates with Apache. It is actually a combination of two tutorials. The first tutorial is Basic Authentication for Apache. The second is Self-signed X.509 Certificate Generation (OpenSSL)."

6 comments

  1. "Solid" might be an overstatement by dsoltesz · · Score: 5, Informative
    The "Self-signed X.509 Certificate Generation" might be nifty. I've not tried such a thing, so I really can't comment, but if I need something like this, this tutorial will be the place I start.

    On the other hand, the "Basic Authentication for Apache" really only glances over the whole basic authentication idea... the instructions given are a good place to start, but a little more reading is recommended for folks who want to do this. There are a million and one pages out there very similar to this one -- I would have liked to have seen a more comprehensive tutorial.

    1. The tutorial makes an assumption about where apache is installed. Many administrators do not put it in the default place, instead opting to put all the web tools and files in a central location to make things easier for the web master.
    2. All the stuff in the .htaccess file can be put in the httpd.conf file, and probably should. .htaccess is a method for allowing web users to do their own sub-site configuration without bugging the webmaster. The webmaster should allow users to do this only if she wants to allow it, and should do her own access constraints and other configuration in the httpd.conf file.
    3. A discussion about preventing surfers from being able to read the .htaccess files that live in the htdocs tree would be a good addition to the tutorial.

    That's my $.02

  2. It's already there! by mirabilos · · Score: 2

    If you type
    $ man 8 ssl
    you get a basic introduction into this.

    --
    My Karma isn't excellent, damn it! (And /. still does not get UTF-8 right in 2012. Wow.)
  3. *BSD is dying by Anonymous Coward · · Score: 0
    It is official; Netcraft confirms: *BSD is dying

    One more crippling bombshell hit the already beleaguered *BSD community when IDC confirmed that *BSD market share has dropped yet again, now down to less than a fraction of 1 percent of all servers. Coming on the heels of a recent Netcraft survey which plainly states that *BSD has lost more market share, this news serves to reinforce what we've known all along. *BSD is collapsing in complete disarray, as fittingly exemplified by failing dead last in the recent Sys Admin comprehensive networking test.

    You don't need to be a Kreskin to predict *BSD's future. The hand writing is on the wall: *BSD faces a bleak future. In fact there won't be any future at all for *BSD because *BSD is dying. Things are looking very bad for *BSD. As many of us are already aware, *BSD continues to lose market share. Red ink flows like a river of blood. FreeBSD is the most endangered of them all, having lost 93% of its core developers.

    Let's keep to the facts and look at the numbers.

    OpenBSD leader Theo states that there are 7000 users of OpenBSD. How many users of NetBSD are there? Let's see. The number of OpenBSD versus NetBSD posts on Usenet is roughly in ratio of 5 to 1. Therefore there are about 7000/5 = 1400 NetBSD users. BSD/OS posts on Usenet are about half of the volume of NetBSD posts. Therefore there are about 700 users of BSD/OS. A recent article put FreeBSD at about 80 percent of the *BSD market. Therefore there are (7000+1400+700)*4 = 36400 FreeBSD users. This is consistent with the number of FreeBSD Usenet posts.

    Due to the troubles of Walnut Creek, abysmal sales and so on, FreeBSD went out of business and was taken over by BSDI who sell another troubled OS. Now BSDI is also dead, its corpse turned over t yet another charnel house.

    All major surveys show that *BSD hassteadily declined in market share. *BSD is very sick and its long term survival prospects are very dim. If *BSD is to survive at all it will be among OS dilettante dabblers. *BSD continues to decay. Nothing short of a miracle could save it at this point in time. For all practical purposes, *BSD is dead.

    Fact: *BSD is dying

  4. FreeBSDDiary has great tutorials too. by PunchMonkey · · Score: 1

    Also be sure to checkout the FreeBSD Diary [ http://freebsddiary.org/ ] for some great tutorials.

    They range from SSL protecting your services [ http://freebsddiary.org/stunnel.php ] to how to restart a service [ http://freebsddiary.org/hup.php ] for the real newbie.

    --
    I'll have something intelligent to add one of these days...
  5. Certs are too hard by kwerle · · Score: 1

    This is a pet peeve of mine of late. I tried to wade through this stuff to do secure IMAP, and it was a royal pain - so much so that I gave up.

    This stuff ought to just work.

    Disagree with me? Security should be hard?

    All the sshd distys I've used have simply installed and run. It CAN be that easy.