[deployment-guide/comm-rel: 643/727] Changed the above section a bit more.

Jaromir Hradilek jhradile at fedoraproject.org
Tue Oct 19 13:19:42 UTC 2010


commit 19b18f3dcaf1eb6a5ca376002fddd59939e66977
Author: Jaromir Hradilek <jhradile at redhat.com>
Date:   Mon Sep 13 17:41:16 2010 +0200

    Changed the above section a bit more.

 en-US/The_Apache_HTTP_Server.xml |   17 +++++++++++------
 1 files changed, 11 insertions(+), 6 deletions(-)
---
diff --git a/en-US/The_Apache_HTTP_Server.xml b/en-US/The_Apache_HTTP_Server.xml
index c41b9a5..01eb1c3 100644
--- a/en-US/The_Apache_HTTP_Server.xml
+++ b/en-US/The_Apache_HTTP_Server.xml
@@ -3036,7 +3036,7 @@ ErrorDocument 404 /404-not_found.html</screen>
     <section id="s2-apache-mod_ssl-keypair">
       <title>Using an Existing Key and Certificate</title>
       <para>
-        If you have a previously created key and certificate pair, you can configure the SSL server to use it instead of creating a new one. However, there are two exceptions to this:
+        If you have a previously created key and certificate, you can configure the SSL server to use these files instead of generating new ones. There are only two situations where this is not possible:
       </para>
       <orderedlist>
         <listitem>
@@ -3057,13 +3057,18 @@ ErrorDocument 404 /404-not_found.html</screen>
         </listitem>
       </orderedlist>
       <para>
-        In either of the above cases, you will need to obtain a new certificate.
+        In either of the above cases, you will need to obtain a new certificate. For more information on this topic, refer to <xref linkend="s2-apache-mod_ssl-genkey" />.
       </para>
       <para>
-        To configure the <acronym>SSL</acronym> server to use an existing key and certificate, move the relevant files to <filename>/etc/pki/tls/private/<replaceable>domain_name</replaceable>.key</filename> and <filename>/etc/pki/tls/certs/<replaceable>domain_name</replaceable>.crt</filename> respectively, and restart the <systemitem class="service">httpd</systemitem> service as described in <xref linkend="s3-apache-running-restarting" />.
+        If you wish to use an existing key and certificate, move the relevant files to the <filename class="directory">/etc/pki/tls/private/</filename> and <filename class="directory">/etc/pki/tls/certs/</filename> directories respectively. You can do so by typing the following commands:
+      </para>
+      <screen>~]# <command>mv</command> <filename><replaceable>key_file</replaceable>.key</filename> <filename>/etc/pki/tls/private/<replaceable>domain_name</replaceable>.key</filename>
+~]# <command>mv</command> <filename><replaceable>certificate</replaceable>.crt</filename> <filename>/etc/pki/tls/certs/<replaceable>domain_name</replaceable>.crt</filename></screen>
+      <para>
+        Then restart the <systemitem class="service">httpd</systemitem> service as described in <xref linkend="s3-apache-running-restarting" />.
       </para>
       <example id="example-apache-mod_ssl-keypair">
-        <title>Upgrading from the <application>Red Hat Secure Web Server</application></title>
+        <title>Using a key and certificate from the <application>Red Hat Secure Web Server</application></title>
         <screen>~]# <command>mv /etc/httpd/conf/httpsd.key /etc/pki/tls/private/penguin.example.com.key</command>
 ~]# <command>mv /etc/httpd/conf/httpsd.crt /etc/pki/tls/certs/penguin.example.com.crt</command></screen>
       </example>
@@ -3137,8 +3142,8 @@ ErrorDocument 404 /404-not_found.html</screen>
         Whether you are getting a certificate from a CA or generating your own self-signed certificate, the first step is to generate a key. Refer to <xref linkend="s2-secureserver-generatingkey" /> for instructions.
       </para>
     </section>
-    <section id="s2-secureserver-generatingkey">
-      <title>Generating a Key</title>
+    <section id="s2-apache-mod_ssl-genkey">
+      <title>Generating a New Key and Certificate</title>
       <para>
         You must be root to generate a key.
       </para>


More information about the docs-commits mailing list