[deployment-guide/comm-rel: 643/727] Changed the above section a bit more.
Jaromir Hradilek
jhradile at fedoraproject.org
Tue Oct 19 13:19:42 UTC 2010
commit 19b18f3dcaf1eb6a5ca376002fddd59939e66977
Author: Jaromir Hradilek <jhradile at redhat.com>
Date: Mon Sep 13 17:41:16 2010 +0200
Changed the above section a bit more.
en-US/The_Apache_HTTP_Server.xml | 17 +++++++++++------
1 files changed, 11 insertions(+), 6 deletions(-)
---
diff --git a/en-US/The_Apache_HTTP_Server.xml b/en-US/The_Apache_HTTP_Server.xml
index c41b9a5..01eb1c3 100644
--- a/en-US/The_Apache_HTTP_Server.xml
+++ b/en-US/The_Apache_HTTP_Server.xml
@@ -3036,7 +3036,7 @@ ErrorDocument 404 /404-not_found.html</screen>
<section id="s2-apache-mod_ssl-keypair">
<title>Using an Existing Key and Certificate</title>
<para>
- If you have a previously created key and certificate pair, you can configure the SSL server to use it instead of creating a new one. However, there are two exceptions to this:
+ If you have a previously created key and certificate, you can configure the SSL server to use these files instead of generating new ones. There are only two situations where this is not possible:
</para>
<orderedlist>
<listitem>
@@ -3057,13 +3057,18 @@ ErrorDocument 404 /404-not_found.html</screen>
</listitem>
</orderedlist>
<para>
- In either of the above cases, you will need to obtain a new certificate.
+ In either of the above cases, you will need to obtain a new certificate. For more information on this topic, refer to <xref linkend="s2-apache-mod_ssl-genkey" />.
</para>
<para>
- To configure the <acronym>SSL</acronym> server to use an existing key and certificate, move the relevant files to <filename>/etc/pki/tls/private/<replaceable>domain_name</replaceable>.key</filename> and <filename>/etc/pki/tls/certs/<replaceable>domain_name</replaceable>.crt</filename> respectively, and restart the <systemitem class="service">httpd</systemitem> service as described in <xref linkend="s3-apache-running-restarting" />.
+ If you wish to use an existing key and certificate, move the relevant files to the <filename class="directory">/etc/pki/tls/private/</filename> and <filename class="directory">/etc/pki/tls/certs/</filename> directories respectively. You can do so by typing the following commands:
+ </para>
+ <screen>~]# <command>mv</command> <filename><replaceable>key_file</replaceable>.key</filename> <filename>/etc/pki/tls/private/<replaceable>domain_name</replaceable>.key</filename>
+~]# <command>mv</command> <filename><replaceable>certificate</replaceable>.crt</filename> <filename>/etc/pki/tls/certs/<replaceable>domain_name</replaceable>.crt</filename></screen>
+ <para>
+ Then restart the <systemitem class="service">httpd</systemitem> service as described in <xref linkend="s3-apache-running-restarting" />.
</para>
<example id="example-apache-mod_ssl-keypair">
- <title>Upgrading from the <application>Red Hat Secure Web Server</application></title>
+ <title>Using a key and certificate from the <application>Red Hat Secure Web Server</application></title>
<screen>~]# <command>mv /etc/httpd/conf/httpsd.key /etc/pki/tls/private/penguin.example.com.key</command>
~]# <command>mv /etc/httpd/conf/httpsd.crt /etc/pki/tls/certs/penguin.example.com.crt</command></screen>
</example>
@@ -3137,8 +3142,8 @@ ErrorDocument 404 /404-not_found.html</screen>
Whether you are getting a certificate from a CA or generating your own self-signed certificate, the first step is to generate a key. Refer to <xref linkend="s2-secureserver-generatingkey" /> for instructions.
</para>
</section>
- <section id="s2-secureserver-generatingkey">
- <title>Generating a Key</title>
+ <section id="s2-apache-mod_ssl-genkey">
+ <title>Generating a New Key and Certificate</title>
<para>
You must be root to generate a key.
</para>
More information about the docs-commits
mailing list