Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Improves the SSL cookbook. It was not clear enough how to enable SSL.

Thanks a million to Dale (dale.liszka@gmail.com) for the patch.

git-svn-id: svn://cherokee-project.com/cherokee/trunk@6803 5dc97367-97f1-0310-9951-d761b3857238
  • Loading branch information...
commit 693d372a973260560e6243247659af5cdcb421ea 1 parent cdc2f7d
@alobbs alobbs authored
View
1  doc/Makefile.am
@@ -185,6 +185,7 @@ media/images/admin_vserver_errors.png \
media/images/admin_vserver_loggers.png \
media/images/admin_vserver.png \
media/images/admin_vserver_security.png \
+media/images/admin_vserver_security_ssl.png \
media/images/admin_vserver_evhost.png \
media/images/admin_handler_proxy.png \
media/images/cookbook_django_common.png \
View
28 doc/cookbook_ssl.txt
@@ -6,6 +6,34 @@ Cookbook: SSL, TLS and certificates
This section answers some general questions and details the procedure
to generate SSL keys.
+[[configure-vserver-ssl-certificates]]
+Configure vServer SSL Certificates
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+To start serving HTTPS traffic from Cherokee you will have to
+link:#ssl-support[enable SSL support] and obtain a
+link:#free-certificates[signed certificate] (or
+link:#self_sign[signed your own]). Ensure that the certificate files
+have the appropriate permissions for your OS and that you know the locations
+of the following:
+
+ . Signed Certificate file
+ . Private Key file used to generate CSR for the above
+ . CA List or Chain file (Optional, depending on signing authority of your certificate)
+
+All files should be generated using PEM-encoding.
+
+.Configuration
+
+Certificates are configured at the vServer level in the *Security* tab. *This
+means you must have a vServer setup that corresponds to your Certificate's
+security scope*. Enter the full paths for your Certificate and corresponding Private
+Key file. To add a certificate chain file to you CA List set *Client Certs. Request*
+to _Accept_ then put the full path to your chain file in the _CA List_ box.
+
+image::media/images/admin_vserver_security_ssl.png[Virtual Server - Security]
+
+
[[general]]
General questions
~~~~~~~~~~~~~~~~~
View
BIN  doc/media/images/admin_vserver_security_ssl.png
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Please sign in to comment.
Something went wrong with that request. Please try again.