Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apache Auth and Self-signed Cert Tutorials with FreeBSD

Posted by timothy on from the your-very-own-comp-list dept.

nullroute writes: " BSDVault has posted a solid tutorial on using Self-signed Certificates with Apache. It is actually a combination of two tutorials. The first tutorial is Basic Authentication for Apache. The second is Self-signed X.509 Certificate Generation (OpenSSL)."

4 of 6 comments (clear)

  1. "Solid" might be an overstatement by dsoltesz · · Score: 5, Informative
    The "Self-signed X.509 Certificate Generation" might be nifty. I've not tried such a thing, so I really can't comment, but if I need something like this, this tutorial will be the place I start.

    On the other hand, the "Basic Authentication for Apache" really only glances over the whole basic authentication idea... the instructions given are a good place to start, but a little more reading is recommended for folks who want to do this. There are a million and one pages out there very similar to this one -- I would have liked to have seen a more comprehensive tutorial.

    1. The tutorial makes an assumption about where apache is installed. Many administrators do not put it in the default place, instead opting to put all the web tools and files in a central location to make things easier for the web master.
    2. All the stuff in the .htaccess file can be put in the httpd.conf file, and probably should. .htaccess is a method for allowing web users to do their own sub-site configuration without bugging the webmaster. The webmaster should allow users to do this only if she wants to allow it, and should do her own access constraints and other configuration in the httpd.conf file.
    3. A discussion about preventing surfers from being able to read the .htaccess files that live in the htdocs tree would be a good addition to the tutorial.

    That's my $.02

  2. It's already there! by mirabilos · · Score: 2

    If you type
    $ man 8 ssl
    you get a basic introduction into this.

    --
    My Karma isn't excellent, damn it! (And /. still does not get UTF-8 right in 2012. Wow.)
  3. FreeBSDDiary has great tutorials too. by PunchMonkey · · Score: 1

    Also be sure to checkout the FreeBSD Diary [ http://freebsddiary.org/ ] for some great tutorials.

    They range from SSL protecting your services [ http://freebsddiary.org/stunnel.php ] to how to restart a service [ http://freebsddiary.org/hup.php ] for the real newbie.

    --
    I'll have something intelligent to add one of these days...
  4. Certs are too hard by kwerle · · Score: 1

    This is a pet peeve of mine of late. I tried to wade through this stuff to do secure IMAP, and it was a royal pain - so much so that I gave up.

    This stuff ought to just work.

    Disagree with me? Security should be hard?

    All the sshd distys I've used have simply installed and run. It CAN be that easy.