| 1 |
Hello gentoo-user-ru, |
| 2 |
|
| 3 |
Íà÷àë íàñòðàèâàòü ñèñòåìó ïî ìàíóàëó |
| 4 |
http://www.gentoo.org/doc/en/virt-mail-howto.xml?style=printable |
| 5 |
|
| 6 |
Íà øàãå: |
| 7 |
5. SSL Certs for Postfix and Apache |
| 8 |
Next we're going to make a set of ssl certificates for postfix and apache. |
| 9 |
|
| 10 |
Íå óäà¸òñÿ ñëåäóþùåå: |
| 11 |
Äåëàþ êîìàíäû: |
| 12 |
# ./CA.pl -newca |
| 13 |
# ./CA.pl -newreq |
| 14 |
# ./CA.pl -sign |
| 15 |
Ïðîáëåìû ñ ïîäïèñüþ... |
| 16 |
|
| 17 |
âûäàåò ñëåäóþùåå: |
| 18 |
|
| 19 |
./CA.pl -newca |
| 20 |
CA certificate filename (or enter to create) |
| 21 |
|
| 22 |
Making CA certificate ... |
| 23 |
Generating a 1024 bit RSA private key |
| 24 |
............++++++ |
| 25 |
..++++++ |
| 26 |
writing new private key to '/etc/ssl/private/cakey.pem' |
| 27 |
Enter PEM pass phrase: |
| 28 |
Verifying - Enter PEM pass phrase: |
| 29 |
----- |
| 30 |
You are about to be asked to enter information that will be incorporated |
| 31 |
into your certificate request. |
| 32 |
What you are about to enter is what is called a Distinguished Name or a DN. |
| 33 |
There are quite a few fields but you can leave some blank |
| 34 |
For some fields there will be a default value, |
| 35 |
If you enter '.', the field will be left blank. |
| 36 |
----- |
| 37 |
Country Name (2 letter code) [RU]: |
| 38 |
State or Province Name (full name) [Nizhegorodskaya Oblast]: |
| 39 |
Locality Name (eg, city) [Nizhny Novgorod]: |
| 40 |
Organization Name (eg, company) [ZXC Site Ltd]: |
| 41 |
Organizational Unit Name (eg, section) []: |
| 42 |
Common Name (eg, YOUR name) [ZXC admin]: |
| 43 |
Email Address [kanogin@×××××.ru]: |
| 44 |
zxc misc # ./CA.pl -newreq |
| 45 |
Generating a 1024 bit RSA private key |
| 46 |
................++++++ |
| 47 |
......................................................................++++++ |
| 48 |
writing new private key to 'newreq.pem' |
| 49 |
----- |
| 50 |
You are about to be asked to enter information that will be incorporated |
| 51 |
into your certificate request. |
| 52 |
What you are about to enter is what is called a Distinguished Name or a DN. |
| 53 |
There are quite a few fields but you can leave some blank |
| 54 |
For some fields there will be a default value, |
| 55 |
If you enter '.', the field will be left blank. |
| 56 |
----- |
| 57 |
Country Name (2 letter code) [RU]: |
| 58 |
State or Province Name (full name) [Nizhegorodskaya Oblast]: |
| 59 |
Locality Name (eg, city) [Nizhny Novgorod]: |
| 60 |
Organization Name (eg, company) [ZXC Site Ltd]: |
| 61 |
Organizational Unit Name (eg, section) []: |
| 62 |
Common Name (eg, YOUR name) [ZXC admin]: |
| 63 |
Email Address [kanogin@×××××.ru]: |
| 64 |
|
| 65 |
Please enter the following 'extra' attributes |
| 66 |
to be sent with your certificate request |
| 67 |
A challenge password []:password |
| 68 |
An optional company name []: |
| 69 |
Request (and private key) is in newreq.pem |
| 70 |
zxc misc # ./CA.pl -sign |
| 71 |
Using configuration from /etc/ssl/openssl.cnf |
| 72 |
Error opening CA private key ./demoCA/private/cakey.pem |
| 73 |
10041:error:02001002:system library:fopen:No such file or directory:bss_file.c:278:fopen('./demoCA/private/cakey.pem','r') |
| 74 |
10041:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:280: |
| 75 |
unable to load CA private key |
| 76 |
Signed certificate is in newcert.pem |
| 77 |
|
| 78 |
Îäíàêî ôàéë newcert.pem íå ñîçäàåòñÿ... |
| 79 |
èñêàë ïî âñåì ðàçäåëàì... |
| 80 |
|
| 81 |
È òàê ïîëó÷àåòñÿ, ÿ íå ìîãó ñäåëàòü ñëåäóþùèå øàãè: |
| 82 |
|
| 83 |
# cp newcert.pem /etc/postfix |
| 84 |
# cp newreq.pem /etc/postfix |
| 85 |
# cp demoCA/cacert.pem /etc/postfix |
| 86 |
|
| 87 |
Êòî ìîæåò ïîìî÷ü ïî äàííîìó âîïðîñó? |
| 88 |
|
| 89 |
-- |
| 90 |
Ñ íàèëó÷øèìè ïîæåëàíèÿìè, |
| 91 |
Êàíîãèí Ñàøà mailto:kanogin@×××××.ru |
| 92 |
mobile: +78313149172 |
| 93 |
icq: 597854 |
| 94 |
Ñàéò ãðóïï ÂÌ ÍÂÔ ÍÃÒÓ: http://www.22vm.nnov.ru |
| 95 |
Ôîðóì ãðóïï ÂÌ ÍÂÔ ÍÃÒÓ: http://www.forum.22vm.nnov.ru |
| 96 |
|
| 97 |
|
| 98 |
-- |
| 99 |
gentoo-user-ru@g.o mailing list |
Archives