
The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Login

How would you rate the importance of default settings in security?

	Critical
	Very Important
	Important
	Useful
	Not important

Advisories

Community

Linux User Groups

Link to Us

Security Center

Security Dictionary

SELinux

White Papers

Featured Blogs

Emily Ratliff: OS Security

DanWalsh LiveJournal

Security Bloggers Network

Latest Newsletters

Linux Security Week: July 8th, 2008

Linux Advisory Watch: July 4th, 2008

LinuxSecurity Newsletters

Get the LinuxSecurity news you want faster with RSS

Powered By

SSL Certificates HOWTO

SSL Certificates HOWTO

Franck Martin

A first hand approach on how to manage a certificate authority (CA), and issue or sign certificates to be used for secure web, secure e-mail, or signing code and other usages.

Table of Contents

1. Generalities

1.1. Introduction

1.1.1. Disclaimer and Licence
1.1.2. Prior knowledge

1.2. What is SSL and what are Certificates?

1.2.1. Private Key/Public Key:
1.2.2. The Certificate:
1.2.3. The Symmetric key:
1.2.4. Encryption algorithm:
1.2.5. The Hash:
1.2.6. Signing:
1.2.7. PassPhrase:
1.2.8. Public Key Infrastructure

1.3. What about S/Mime or other protocols?

2. Certificate Management

2.1. Installation

2.1.1. The CA.pl utility
2.1.2. The openssl.cnf file
2.1.3. Create the Certification Authority

2.2. Create a Root Certification Authority Certificate.

2.3. Create a non root Certification Authority Certificate.

2.4. Install the CA root certificate as a Trusted Root Certificate

2.4.1. In Netscape/Mozilla
2.4.2. In Galeon
2.4.3. In Opera
2.4.4. In Internet Explorer

2.5. Certificate management

2.5.1. Generate and Sign a certificate request
2.5.2. Revoke a certificate
2.5.3. Renew a certificate
2.5.4. Display a certificate
2.5.5. The index.txt file
2.5.6. Build your web based Certificate Authority

3. Using Certificates in Applications

3.1. Securing Internet Protocols.

3.1.1. Using a certificate with mod_ssl in apache
3.1.2. Using a certificate with IMAPS
3.1.3. Using a certificate with POPS
3.1.4. Using a certificate with Postfix
3.1.5. Using a certificate with Stunnel
3.1.6. Generate and Sign a key with Microsoft Key Manager

3.2. Securing E-mails.

3.2.1. Generate and use an s/mime certificate
3.2.2. To use this certificate with MS Outlook
3.2.3. To use this certificate with MS Outlook Express
3.2.4. To use this certificate with Netscape Messenger
3.2.5. To use this certificate with Evolution
3.2.6. To use this certificate with Balsa
3.2.7. To use this certifcate with KMail

3.3. Securing Files

3.3.1. WinCrypt

3.4. Securing Code

3.4.1. Micosoft Code

3.5. IPSec

3.5.1. FreeS/WAN

4. Global PKI

4.1. Current PKIs
4.2. The need for a Global PKI


		Generalities

Partner:

Latest Features

Security Features of Firefox 3.0

Review: The Book of Wireless

April 2008 Open Source Tool of the Month: sudo

Open Source Tool of March: ZoneMinder

Meet the Anti-Nmap: PSAD

Open Source Tool of February: Nmap!

HowTo: Secure your Ubuntu Apache Web Server

Yesterday's Edition

TrueCrypt 6.0: Better Software for the Paranoid

Unpatched Web Browsers Prevalent on the Internet

QuickLinks: Comunity , HOWTOs , Blogs , Features , Book Reviews , Networking ,
Security Projects , Latest News , Newsletters , SELinux , Privacy , Home,
Hardening , About Us, Advertise, Legal Notice, RSS, Guardian Digital

(c)Copyright 2008 Guardian Digital, Inc. All rights reserved.