WoSign技术支持：Roxen Web服务器的SSL证书安装指南

首页

产品简介

产品价格

VeriSign 产品

Secure Site

Secure Site Pro-EV

Secure Site-EV

Thawte 产品

SSL Web Server

SGC SuperCerts

SSL Web Server-EV

SSL123

GeoTrust产品

True Business ID-EV

Power Server ID

RapidSSL

首页

技术支持

SSL证书安装指南 - Roxen

Configuring Roxen Challenger

When you have received your certificate, you have to tell Roxen to use it.
Copy the secret key and the certificate into the roxen tree, for example as roxen/server/certificates/my_cert.cert and roxen/server/certificates/my_key.rsa.
Still, the secret key must be protected. You probably want to run roxen as root, and have the secret key file readable by root only.
There are two Roxen modules for SSL. If you have working threads, use the one called ssleay, otherwise the one called ssl. Choose which one to run in the configuration interface under Server Variables -> Listen Ports.
Both protocol modules are configured the same way. You have to enter the file names of your secret key and your certificate, relative to roxen/server, like this:

cert-file certificates/my_cert.cert
key-file certificates/my_key.rsa

At last, to maintain security at your server, beware of security holes that may expose your secret key to an attacker. Don't run any unnecessary services, and install all security patches from your OS vendor.
As for your web server, be very careful when you decide which modules you install. Do not allow untrusted people to use pike scripts or the <pike>-tag. Avoid CGI-programs if possible, as it is too easy to introduce security holes there.