[Tclhttpd-users] Re: Generating Certs for TclHttpd.

[Brent W. <we...@pa...>]

I'll attach the readme that I put together the last time I created certs.
I believe this is newer than what is on the book's CD.  I would appreciate
it if you would try stepping through this and telling me specifically
what steps don't work.  We should end up with working directions!

>>>Angel Sosa said:
 >     Dear Mr Welch,
 > 
 >        I am sure you receive tons of email but if you permit me I would 
 > like to ask a question about TclHttpd. I have been using it for the last 
 > six months with a lot of success. I would like to move to the next level and
      
 > enable the SSL portion of the web server. I have all of the modules 
 > needed in order for SSL to work and  the supporting TCL packages. I have 
 > SSL working in other scenarios. But I am having a lot of trouble 
 > applying the Keys, PEMS and the CERTS under the proper categories with in th
     e 
 > tclhttpd.rc configuration file. Just for additional information, I have 
 > tested the same setup with Apache 2.x and SSL works fine. I 
 > also have a VPN working with SSL. The only Web server I am running is 
 > TclHttpd. The port 80 stuff works just fine. I have also taken traces 
 > with Ethereal. I have traced the traffic going to 443. The hello packet 
 > goes out but soon after that the TclHttpd resets the connection. 443 is 
 > only used by TclHttpd. And it has also been tried on other ports as well 
 > including 8016. And I still have not been successful with same results as 44
     3.
 > 
 >     Would you be able to supply a complete sample of a literal 
 > openssl.cnf configuration file, literal instructions to generate the 
 > keys, self signed certs, requests and root CA? Please assume that I am signi
     ng 
 > my own certs. And finally any changes that need to be made to match the 
 > openssl.cnf and the tclhttpd.rc configuration file.  I have tried 
 > various examples to no avail. I have also used the TLS tcl package piece 
 > to other sites and it works just fine. I have followed the example in 
 > your readme that is included with the CD of your latest book. But to no 
 > avail when it comes to SSL as it relates to TclHttpd.
 > 
 >     Thank you Mr. Welch for your time. If their is someone you can refer 
 > me to in case you do not have the time, that would  work too.
 > 
 >     Angel Sosa xt...@am...
 > 

--
Brent Welch
Software Architect, Panasas Inc
Delivering the premier storage system for scalable Linux clusters

www.panasas.com
we...@pa...