I'm new here so hello to everyone
I have a server running ubuntu (hardy) with apache in virtualhosts basis.
I'm connecting XML services and I was asked to enable ssl without requiring certificate. hummmmm ok!?!?!?
I read the ssl_mod documentation and the ssl mechanism works with a pair of keys - a public and a private. Certificates basically validate the public key authenticity.
All the tutorials over the internet rely on installing ssl with a self sign certificate.
Is the following possible - Create a private key and provide the second party involved with the public key and forget the certificate stuff?
what I've done by now:
- installed openssl
- add NameVirtualHost *:443 at httpd.conf
- new virtualhost
<VirtualHost *:443>
ServerName test
DocumentRoot /var/www/test
SSLEngine on
CustomLog /var/log/apache2/test-access.log combined
ErrorLog /var/log/apache2/test-error.log
</VirtualHost>
I think I need to use this directive
SSLCertificateKeyFile
How can I create those keys without the certificate? Or not possible?