diff options
| author | Fumitoshi UKAI <ukai@debian.or.jp> | 2001-12-27 18:30:02 +0000 |
|---|---|---|
| committer | Fumitoshi UKAI <ukai@debian.or.jp> | 2001-12-27 18:30:02 +0000 |
| commit | 93022365c9feecb3f72472aaa6c598ba0c13fc8e (patch) | |
| tree | 2d971b42ecbaa3874d11da51b9ef1b526fd46fad /doc-jp | |
| parent | [w3m-dev 02772] (diff) | |
| download | w3m-93022365c9feecb3f72472aaa6c598ba0c13fc8e.tar.gz w3m-93022365c9feecb3f72472aaa6c598ba0c13fc8e.zip | |
add note about cert
Diffstat (limited to 'doc-jp')
| -rw-r--r-- | doc-jp/README.SSL | 61 |
1 files changed, 60 insertions, 1 deletions
diff --git a/doc-jp/README.SSL b/doc-jp/README.SSL index f4dd5b6..f3ce85a 100644 --- a/doc-jp/README.SSL +++ b/doc-jp/README.SSL @@ -2,6 +2,8 @@ SSL ���ݡ��ȤˤĤ��� (2000/11/07) �������� okabek@guitar.ocn.ne.jp + (2001/12/27) ����ʸ�� + ukai@debian.or.jp �� SSLeay/OpenSSL �饤�֥����̤���, SSL �ݡ��Ȥ��Ƥ��ޤ�. ���餫���ᥤ�ȡ��뤷�Ƥ����Ƥ�������. @@ -37,10 +39,67 @@ SSL ���ݡ��ȤˤĤ��� �ޤ��ºݤ�ǧ�ڤ�Ԥ����, ssl_ca_path�ޤ���ssl_ca_file��, �����Фθ��� ��̾���Ƥ���ǧ�ڶɤξ������ (ssl_verify_server��ON/OFF�˴ط�̵��) ���� - ���ʤ���ǧ�ڤ��������ʤ��褦�Ǥ�. + ���ʤ��ȥ�����ǧ�ڤ��������ޤ��� + + �̾�Ȥ��Ƥ���ǧ�ڶɤξ�����ϰʲ��ΤȤ����ʤɤ�������Ǥ��ޤ��� + + * mozilla�Υ������˴ޤޤ�Ƥ��� + mozilla/security/nss/lib/ckfw/builtins/certdata.txt + ����ź�դ� ruby script �� *.pem�ե�����Ȥ��ƤȤ��������� + + % ruby certdata2pem.rb < certdata.txt + + �ǥ����ȥǥ��쥯�ȥ�� *.pem�ե������Ȥ���� + openssl�� c_rehash ���ޥ�ɤ� hash symlink ��������ޤ��� + ���Υǥ��쥯�ȥ�� ssl_ca_path �����ꤹ�뤳�Ȥ��Ǥ��ޤ��� + �⤷���ϡ�*.pem ��ޤȤ��ĤΥե������������Ƥ����� + ����� ssl_ca_file �����ꤹ�뤳�Ȥ��Ǥ��ޤ��� + + * mod_ssl�Υ������˴ޤޤ�Ƥ��� pkg.sslcfg/ca-bundle.crt + ����� PEM�ʤΤǡ����Υե�����Υե�ѥ�̾�� ssl_ca_file �� + ���ꤹ�뤳�Ȥ��Ǥ��ޤ��� �� �С������ 0.9.5 �ʹߤ� OpenSSL �饤�֥���, ������������뤿��˴��Ĥ� �Υ����ɤ����ꤹ��ɬ�פ�����ޤ�. �ǥե���ȤǤ� /dev/urandom ������Ф�������Ѥ��ޤ���, ̵����� w3m ���� ���������ޤ�. �⤷, EGD (Entropy Gathering Daemon) �����ѤǤ���Ķ��Ǥ��� ��Ȥ���������, USE_EGD �ޥ���������å����ƤߤƤ�������. + +---------------------------------------------------------------- +#!/usr/bin/ruby +# Copyright (c) 2001 Fumitoshi UKAI <ukai@debian.or.jp> +# All rights reserved. +# This is free software with ABSOLUTELY NO WARRANTY. +# +# You can redistribute it and/or modify it under the terms of +# the Ruby's licence. +# +# certdata2pem.rb + +while line = $stdin.gets + next if line =~ /^#/ + next if line =~ /^\s*$/ + line.chomp! + if line =~ /CKA_LABEL/ + label,type,val = line.split(' ',3) + val.sub!(/^"/, "") + val.sub!(/"$/, "") + fname = val.gsub(/\//,"_").gsub(/\s+/, "_").gsub(/[()]/, "=") + ".pem" + next + end + if line =~ /CKA_VALUE MULTILINE_OCTAL/ + data='' + while line = $stdin.gets + break if /^END/ + line.chomp! + line.gsub(/\\([0-3][0-7][0-7])/) { data += $1.oct.chr } + end + open(fname, "w") do |fp| + fp.puts "-----BEGIN CERTIFICATE-----" + fp.puts [data].pack("m*") + fp.puts "-----END CERTIFICATE-----" + end + puts "Created #{fname}" + end +end +system("c_rehash", ".") |