Annotation of embedaddon/lighttpd/doc/outdated/ssl.txt, revision 1.1
1.1 ! misho 1: ===========
! 2: Secure HTTP
! 3: ===========
! 4:
! 5: ------------
! 6: Module: core
! 7: ------------
! 8:
! 9: :Author: Jan Kneschke
! 10: :Date: $Date: 2004/08/29 09:44:53 $
! 11: :Revision: $Revision: 1.2 $
! 12:
! 13: :abstract:
! 14: How to set up SSL in lighttpd
! 15:
! 16: .. meta::
! 17: :keywords: lighttpd, ssl
! 18:
! 19: .. contents:: Table of Contents
! 20:
! 21: Description
! 22: ===========
! 23:
! 24: lighttpd supports SSLv2 and SSLv3 if it is compiled against openssl.
! 25:
! 26: Configuration
! 27: -------------
! 28:
! 29: To enable SSL for the whole server you have to provide a valid
! 30: certificate and have to enable the SSL engine.::
! 31:
! 32: ssl.engine = "enable"
! 33: ssl.pemfile = "/path/to/server.pem"
! 34:
! 35: The HTTPS protocol does not allow you to use name-based virtual
! 36: hosting with SSL. If you want to run multiple SSL servers with
! 37: one lighttpd instance you must use IP-based virtual hosting: ::
! 38:
! 39: $SERVER["socket"] == "10.0.0.1:443" {
! 40: ssl.engine = "enable"
! 41: ssl.pemfile = "www.example.org.pem"
! 42: server.name = "www.example.org"
! 43:
! 44: server.document-root = "/www/servers/www.example.org/pages/"
! 45: }
! 46:
! 47: If you have a .crt and a .key file, cat them together into a
! 48: single PEM file:
! 49: ::
! 50:
! 51: $ cat host.key host.crt > host.pem
! 52:
! 53:
! 54: Self-Signed Certificates
! 55: ------------------------
! 56:
! 57: A self-signed SSL certificate can be generated like this: ::
! 58:
! 59: $ openssl req -new -x509 \
! 60: -keyout server.pem -out server.pem \
! 61: -days 365 -nodes
! 62:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to ssl.txt CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / lighttpd / doc / outdated