[Apache2] Connections via https questions...
Mostly wondering if it is possible to use HTTPS without a real SSL certificate?
I mostly want the HTTPS for encrypted communications.
What problems will I encounter if I do this?
Will I need to make a root CA? can I do this? should I do this?
BackGround:
My goal is to setup a GIT/Mercurial server (invite only), with a simple web form using an openssl public key for user authentication, while letting them manage their password on their own private keys...
I have managed it, but intend to rebuild the server, so that the groups which use the server will also have a CMS web page. I'd also like to give the users a local email on the server, and project leads a group email option.
As most of the projects involved are semi-total closed source projects during development, I am trying to prevent all forms of plain-text communications between users and server. I'd also like stability, and have currently been using Ubuntu LTS server, is this a good choice? (I'd like simple one-liner responses to this question in particular - I understand the flavor issues are (ironically) a matter of taste), with what I just stated - is there a particular linux flavor which is more suited to the task?
Any help, or recommendations are greatly appreciated. While I can fumble along quietly in the dark, having someone shining a spot-light would make things much easier...
In advance - I know there are many free services which supply this functionality and more, but I am yet to find one which does not have a user limit/secure connections...
|