part 3
Code:
______________________________________________________________________
STEP 4: Generating RSA private key for SERVER (1024 bit) [server.key]
429822 semi-random bytes loaded
Generating RSA private key, 1024 bit long modulus
.........++++++
....++++++
e is 65537 (0x10001)
______________________________________________________________________
STEP 5: Generating X.509 certificate signing request for SERVER [server.csr]
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
1. Country Name (2 letter code) [XY]:US
2. State or Province Name (full name) [Snake Desert]:Maine
3. Locality Name (eg, city) [Snake Town]:Boothbay
4. Organization Name (eg, company) [Snake Oil, Ltd]:MyDevBox
5. Organizational Unit Name (eg, section) [Webserver Team]:webserver
6. Common Name (eg, FQDN) [www.snakeoil.dom]:www.mydevbox.org
7. Email Address (eg, name@fqdn) [www@snakeoil.dom]:info@guthnur.net
8. Certificate Validity (days) [365]:365
______________________________________________________________________
STEP 6: Generating X.509 certificate signed by own CA [server.crt]
Certificate Version (1 or 3) [3]:
Signature ok
subject=/C=US/ST=Maine/L=Boothbay/O=MyDevBox/OU=webserver/CN=www.mydevbox.org/emailAddress=info@guthnur.net
Getting CA Private Key
Verify: matching certificate & key modulus
Verify: matching certificate signature
../conf/ssl.crt/server.crt: OK
______________________________________________________________________
STEP 7: Enrypting RSA private key of CA with a pass phrase for security [ca.key]
The contents of the ca.key file (the generated private key) has to be
kept secret. So we strongly recommend you to encrypt the server.key file
with a Triple-DES cipher and a Pass Phrase.
Encrypt the private key now? [Y/n]: y
writing RSA key
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
Fine, you're using an encrypted private key.
______________________________________________________________________
STEP 8: Enrypting RSA private key of SERVER with a pass phrase for security [server.key]
The contents of the server.key file (the generated private key) has to be
kept secret. So we strongly recommend you to encrypt the server.key file
with a Triple-DES cipher and a Pass Phrase.
Encrypt the private key now? [Y/n]: y
writing RSA key
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
Fine, you're using an encrypted RSA private key.
______________________________________________________________________
RESULT: CA and Server Certification Files
o conf/ssl.key/ca.key
The PEM-encoded RSA private key file of the CA which you can
use to sign other servers or clients. KEEP THIS FILE PRIVATE!
o conf/ssl.crt/ca.crt
The PEM-encoded X.509 certificate file of the CA which you use to
sign other servers or clients. When you sign clients with it (for
SSL client authentication) you can configure this file with the
'SSLCACertificateFile' directive.
o conf/ssl.key/server.key
The PEM-encoded RSA private key file of the server which you configure
with the 'SSLCertificateKeyFile' directive (automatically done
when you install via APACI). KEEP THIS FILE PRIVATE!
o conf/ssl.crt/server.crt
The PEM-encoded X.509 certificate file of the server which you configure
with the 'SSLCertificateFile' directive (automatically done
when you install via APACI).
o conf/ssl.csr/server.csr
The PEM-encoded X.509 certificate signing request of the server file which
you can send to an official Certificate Authority (CA) in order
to request a real server certificate (signed by this CA instead
of our own CA) which later can replace the conf/ssl.crt/server.crt
file.
Congratulations that you establish your server with real certificates.
make[1]: Leaving directory `/root/Desktop/install_ispconfig/compile_aps/apache_1.3.37/src'
make[1]: Entering directory `/root/Desktop/install_ispconfig/compile_aps/apache_1.3.37'
===> [mktree: Creating Apache installation tree]
./src/helpers/mkdir.sh /root/ispconfig/httpd/bin
mkdir /root/ispconfig/httpd
mkdir /root/ispconfig/httpd/bin
./src/helpers/mkdir.sh /root/ispconfig/httpd/bin
./src/helpers/mkdir.sh /root/ispconfig/httpd/libexec
mkdir /root/ispconfig/httpd/libexec
./src/helpers/mkdir.sh /root/ispconfig/httpd/man/man1
mkdir /root/ispconfig/httpd/man
mkdir /root/ispconfig/httpd/man/man1
./src/helpers/mkdir.sh /root/ispconfig/httpd/man/man8
mkdir /root/ispconfig/httpd/man/man8
./src/helpers/mkdir.sh /root/ispconfig/httpd/conf
mkdir /root/ispconfig/httpd/conf
./src/helpers/mkdir.sh /root/ispconfig/httpd/conf/ssl.crt
mkdir /root/ispconfig/httpd/conf/ssl.crt
./src/helpers/mkdir.sh /root/ispconfig/httpd/conf/ssl.crl
mkdir /root/ispconfig/httpd/conf/ssl.crl
./src/helpers/mkdir.sh /root/ispconfig/httpd/conf/ssl.csr
mkdir /root/ispconfig/httpd/conf/ssl.csr
./src/helpers/mkdir.sh /root/ispconfig/httpd/conf/ssl.key
mkdir /root/ispconfig/httpd/conf/ssl.key
./src/helpers/mkdir.sh /root/ispconfig/httpd/conf/ssl.prm
mkdir /root/ispconfig/httpd/conf/ssl.prm
./src/helpers/mkdir.sh /root/ispconfig/httpd/htdocs
mkdir /root/ispconfig/httpd/htdocs
./src/helpers/mkdir.sh /root/ispconfig/httpd/htdocs/manual
mkdir /root/ispconfig/httpd/htdocs/manual
./src/helpers/mkdir.sh /root/ispconfig/httpd/icons
mkdir /root/ispconfig/httpd/icons
./src/helpers/mkdir.sh /root/ispconfig/httpd/cgi-bin
mkdir /root/ispconfig/httpd/cgi-bin
./src/helpers/mkdir.sh /root/ispconfig/httpd/include
mkdir /root/ispconfig/httpd/include
./src/helpers/mkdir.sh /root/ispconfig/httpd/include/xml
mkdir /root/ispconfig/httpd/include/xml
./src/helpers/mkdir.sh /root/ispconfig/httpd/logs
mkdir /root/ispconfig/httpd/logs
./src/helpers/mkdir.sh /root/ispconfig/httpd/logs
./src/helpers/mkdir.sh /root/ispconfig/httpd/proxy
mkdir /root/ispconfig/httpd/proxy
chown nobody /root/ispconfig/httpd/proxy
chgrp nobody /root/ispconfig/httpd/proxy
<=== [mktree]
===> [programs: Installing Apache httpd program and shared objects]
./src/helpers/install.sh -c -m 755 ./src/httpd /root/ispconfig/httpd/bin/httpd
./src/helpers/install.sh -c -m 644 ./src/support/httpd.8 /root/ispconfig/httpd/man/man8/httpd.8
<=== [programs]
===> [support: Installing Apache support programs and scripts]
./src/helpers/install.sh -c -m 755 -s ./src/support/ab /root/ispconfig/httpd/bin/ab
./src/helpers/install.sh -c -m 644 ./src/support/ab.8 /root/ispconfig/httpd/man/man8/ab.8
./src/helpers/install.sh -c -m 755 ./src/support/apachectl[*] /root/ispconfig/httpd/bin/apachectl
./src/helpers/install.sh -c -m 644 ./src/support/apachectl.8 /root/ispconfig/httpd/man/man8/apachectl.8
./src/helpers/install.sh -c -m 755 -s ./src/support/checkgid /root/ispconfig/httpd/bin/checkgid
./src/helpers/install.sh -c -m 755 -s ./src/support/htpasswd /root/ispconfig/httpd/bin/htpasswd
./src/helpers/install.sh -c -m 644 ./src/support/htpasswd.1 /root/ispconfig/httpd/man/man1/htpasswd.1
./src/helpers/install.sh -c -m 755 -s ./src/support/htdigest /root/ispconfig/httpd/bin/htdigest
./src/helpers/install.sh -c -m 644 ./src/support/htdigest.1 /root/ispconfig/httpd/man/man1/htdigest.1
./src/helpers/install.sh -c -m 755 ./src/support/dbmmanage[*] /root/ispconfig/httpd/bin/dbmmanage
./src/helpers/install.sh -c -m 644 ./src/support/dbmmanage.1 /root/ispconfig/httpd/man/man1/dbmmanage.1
./src/helpers/install.sh -c -m 755 -s ./src/support/logresolve /root/ispconfig/httpd/bin/logresolve
./src/helpers/install.sh -c -m 644 ./src/support/logresolve.8 /root/ispconfig/httpd/man/man8/logresolve.8
./src/helpers/install.sh -c -m 755 -s ./src/support/rotatelogs /root/ispconfig/httpd/bin/rotatelogs
./src/helpers/install.sh -c -m 644 ./src/support/rotatelogs.8 /root/ispconfig/httpd/man/man8/rotatelogs.8
./src/helpers/install.sh -c -m 755 ./src/support/apxs[*] /root/ispconfig/httpd/bin/apxs
./src/helpers/install.sh -c -m 644 ./src/support/apxs.8 /root/ispconfig/httpd/man/man8/apxs.8