Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Can someone let me know why is that sometimes we need to install the security certificates, from particular client, and then only we can access their https://URL, whereas on certain sites which return https://URL we do not install any security certificates but are still able to open them e.g. hotmail.
Also any good links on this topic, please let me know.
Basically, some certificates (signed by well known big name firms) are already recognized by your browser. That's why you don't have to inspect and approve them. If you look around in your browser's documentation, you should be able to find out which ones these are.
But i am confused about one thing, in this one key has been generated for CA in step 1 and another key for the web server in step 2. Confusion is which key will take part in secure transfer of data and what is the use of CA key? Also, in case of practical scnerio, 3rd command of step 2 will br run by CA, right?
first txn to all for the help, i am now able to setup my secure test site. But
there is a problem, my non secure website (www.xyz.com) and secure website(abc.xyz.com)
are both hosted on same machine. This machine is also acting as DNS server and the IP
given to them is 10.13.241.23. This machine is listening on ports 80 and 443.
When i type https://abc.xyz.com it takes me to the secure webpage, which is fine.
But when I type https://www.xyz.com, it again takes me to the same
secure page, which i don't want. This site is non-secure and should give a message
for the same. My SSL.conf entry is:
# General setup for the virtual host
DocumentRoot "/var/www/ssl" (my SSL index.html resides here)
Pls let me know what am i doing wrong. If any further information is required pls let me know.
You should have got a message saying that this certificate is for abc.com and you are connecting to www.abc.com and it is possible that someone is trying to redirect you.
Apart from that everything will work. You can't use name based with mod_ssl because the secure connection must be made before your browser communicates with apache. Search google for more details.
Using https:// will connect you to the secure website regardless of what domain you use aslong as the DNS 'A' record points to the IP address of your server. In both circumstances you are ocnnecting to the secure website, only when you drop the s in https do you connect to the unsecure website
I've read exactly what you are talking about in O'Reilly's Apache Cookbook. Unfortunately, I don't remember it exactly and i dont have the book either. If you can lay your hands on that book or can google it.
Lets forget about the secure site for one minute, and just focus on the none secure website.
Name based virtual hosting is where you have more than 1 domain pointing to your server and all the domains 'A' records point to the same IP, the server (apache) knows which wesbite to server the browser because of the host specified by the browser.
IP based hosting is where you have multiple IP addresses all point to the same server and each domain you have has its 'A' record point to one of those IPs, the IP has only one domain associated with it, apache then decides which wesbite to serve depending on which IP the request was for.
Now think about your secure site, name based virtual hosting does not work because a secure connection and the certificate need to be sent and established before the request with the http host is sent to apache. So to have multiple secure websites you need to use IP based hosting.
You can treat your non-secure section and secure section of httpd.conf completely separately and indepantly. Indeed you can have two configuration files and have apache running twice, one instance to look after your normal sites, and one to look after your secure sites.
If you want a better or more clear explanation than buy a book or search google, there are loads of articles lying around