Digital Certification, Signed by Known Certificate Authorities

By | January 28, 2008

_____________________________________________
with loves, with efforts, with knowledges
knowing the best for ur best
__illuminator__
http://wafa.web.id
_____________________________________________
this night, i’m successfully publish my web site @ www.illuminator.web.id to have SSL support,
in this server i plant a certification from StartCom Ltd. => https://www.startssl.com thanks to the support team that add my country to their registration form.
first, u need to register to their site through their registration form, please submit complete information to get your application form to be approved. after registration u will receive confirmation via your email, n need to confirm that confirmation code, if u successful with this step and their approved your application, u will prompt to create client certificate that can be use to login to their site to do much think..
before u can create your server certificates, u must validate your domain first, insert your domain, and they will send you a confirmation through the email on your domain (hostmaster@yourdomain or webmaster@yourdomain or postmaster@yourdomain) according your current administration email.

after validating your domain, u can create certificate for your domain, note: for free member they just provide class 1 certification, u just have one cert for one sub domain. just create a private key with high grade security and submit your pass phrase u will get CSR key, if your certificate request approved you can download it via toolbox->Retrieve Certificate.
in my server configuration i add this configuration to my domain:

NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:80>
ServerAdmin hostmaster@illuminator.web.id
ServerName illuminator.web.id
ServerAlias www.illuminator.web.id
ServerAlias illuminator.wafa.web.idDocumentRoot /home/wafa/public_html/
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /home/wafa/public_html/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>ErrorLog /var/log/apache2/illuminator-error.log
LogLevel warn
CustomLog /var/log/apache2/illuminator-access.log combined
ServerSignature On
</VirtualHost><VirtualHost *:443>
ServerAdmin hostmaster@illuminator.web.id
ServerName illuminator.web.id
ServerAlias www.illuminator.web.id
ServerAlias illuminator.wafa.web.idDocumentRoot /home/wafa/public_html/
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /home/wafa/public_html/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/apache2/ssl.crt/illuminator.web.id.crt
SSLCertificateKeyFile /etc/apache2/ssl.key/illuminator.web.id.key
SSLCertificateChainFile /etc/apache2/ssl.crt/sub.class1.server.ca.crt
SSLCACertificateFile /etc/apache2/ssl.crt/ca.crt
SetEnvIf User-Agent “.*MSIE.*” nokeepalive ssl-unclean-shutdown
ErrorLog /var/log/apache2/illuminator-error.log
LogLevel warn
CustomLog /var/log/apache2/illuminator-access.log combined
ServerSignature On
</VirtualHost>

note, with that configuration you can add more than one certificate for more than one virtual host.
and now you can restart your configuration, and add this script to add startcom badge that link to check your certificate.
<script src=”https://www.startssl.com/validation.js”></script>
_____________________________________________
with loves, with efforts, with knowledges
knowing the best for ur best
__illuminator__
http://wafa.web.id
_____________________________________________

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.