OpenSSL and certificates for our group's work

Ioannis Nompelis nompelis at nobelware.com
Tue Nov 6 04:37:45 UTC 2018


I have been doing some reading, especially after Tim's suggestions on looking
into SNI for my webserver's certificates, etc, etc. As a result, I have started
to look a lot into OpenSSL. And in fact, for the first time I started to
program with it (connecting an SSL layer over sockets that do web fetches).
While reading more about OpenSSL, I ran across this:

https://www.feistyduck.com/library/openssl%2dcookbook/online/ch-openssl.html

It is far from a good book, but the narration of the examples is very good
for somebody who knows what they are looking for.

But the reason I am sending this link to the list is to propose that we setup
our VPS to also act as a Certificate Authority (CA). To clarify, this is solely
for the purpose of our group having certificate validation for testing purposes
and for only our purposes.

If you scroll to about 4/5 of the this link, you will find that it is
possible, but it involves some busy work periodically.

Think about if this adds usefulness and we will talk about it at the HackFactory
on Wed.
IN



More information about the Friends mailing list