]>
Commit | Line | Data |
---|---|---|
d153bbe3 | 1 | --- cups-1.1.10/ENCRYPTION.txt.orig Thu Jan 4 07:42:35 2001 |
2 | +++ cups-1.1.10/ENCRYPTION.txt Thu Jan 4 09:23:15 2001 | |
3 | @@ -94,6 +94,8 @@ | |
4 | properly signed it will generate all kinds of warnings in | |
5 | Netscape and MSIE: | |
6 | ||
7 | + mkdir /etc/cups/ssl | |
8 | + | |
9 | openssl req -new -x509 -keyout /etc/cups/ssl/server.key \ | |
10 | -out /etc/cups/ssl/server.crt -days 365 -nodes | |
11 | ||
12 | @@ -103,6 +105,51 @@ | |
13 | encrypted. The cupsd process runs in the background, detached | |
14 | from any input source; if you encrypt these files then cupsd | |
15 | will not be able to load them! | |
16 | + | |
17 | +If the above "openssl" command issues messages as | |
18 | + | |
19 | + Using configuration from /usr/lib/ssl/openssl.cnf | |
20 | + Unable to load config info | |
21 | + | |
22 | +and later on | |
23 | + | |
24 | + unable to find 'distinguished_name' | |
25 | + problems making Certificate Request | |
26 | + | |
27 | +create a file /usr/lib/ssl/openssl.cnf (or how it was called in the | |
28 | +error message) containing | |
29 | + | |
30 | +-----------------openssl.cnf------------------------------------------- | |
31 | + | |
32 | +[ req ] | |
33 | +distinguished_name = req_distinguished_name | |
34 | +[ req_distinguished_name ] | |
35 | +countryName = Country Name (2 letter code) | |
36 | +countryName_default = US | |
37 | +countryName_min = 2 | |
38 | +countryName_max = 2 | |
39 | +localityName = Locality Name (eg, city) | |
40 | +organizationalUnitName = Organizational Unit Name (eg, section) | |
41 | +commonName = Common Name (eg, YOUR name) | |
42 | +commonName_max = 64 | |
43 | +emailAddress = Email Address | |
44 | +emailAddress_max = 40 | |
45 | + | |
46 | +----------------------------------------------------------------------- | |
47 | + | |
48 | +and repeat the two commands. Now you will be asked some questions and | |
49 | +the certificate will be generated. | |
50 | + | |
51 | +Give the commands | |
52 | + | |
53 | + man req | |
54 | + | |
55 | +and | |
56 | + | |
57 | + man openssl | |
58 | + | |
59 | +if you have further questions. See especially the "DIAGNOSTICS" and | |
60 | +"EXAMPLES" sections of the "req" man page. | |
61 | ||
62 | Send all rants about non-encrypted certificate and key files to | |
63 | /dev/null. It makes sense to encrypt user files, but not for |