Changes between Version 5 and Version 6 of faq/security/get-certificate


Ignore:
Timestamp:
Jul 26, 2010, 11:43:11 AM (11 years ago)
Author:
Jamie McClelland
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • faq/security/get-certificate

    v5 v6  
    1616Then, you will need to submit your certificate signing request to a certificate authority, such as [http://startssl.com StartSSL], [http://rapidssl.com RapidSSL] or [http://cacert.org cacert]. I've never tried StartSSL, but they will provide certificates for free that they claim work in all major browsers. RapidSSL costs $79 per certificate and can generate a certificate for you that will be accepted by nearly all browsers on the planet. cacert will generate a certificate for free but users will need to import the cacert root certificate or they will get errors. We have a [ticket:1706 raging debate] about which approach is the best to take.
    1717 
     18In these examples domain.csr and domain.key are the file names provided. These filenames are arbitrary and can be anything you want (for example, I would recommend replacing domain with your actual domain, e.g. mayfirst.org.key and mayfirst.org.csr, so it is easier to keep track of the domains for which they are being generated.
     19
    1820=== Generating a key and signing request for the first time ===
    1921
     
    4648}}}
    4749
     50== Examining your certificate signing request ==
     51
     52If you want to get a human-readable view of what you just created (to check for typos), you can type:
     53
     54{{{
     55openssl req -in domain.csr -text -verify -noout
     56}}}
     57
    4858== Testing your certificate file ==
    4959