diff options
Diffstat (limited to 'README')
| -rw-r--r-- | README | 19 |
1 files changed, 19 insertions, 0 deletions
| @@ -109,3 +109,22 @@ NameVirtualHost 1.2.3.4:443 | |||
| 109 | GnuTLSClientCAFile ca.pem | 109 | GnuTLSClientCAFile ca.pem |
| 110 | GnuTLSPGPKeyringFile /etc/apache2/ring.asc | 110 | GnuTLSPGPKeyringFile /etc/apache2/ring.asc |
| 111 | </VirtualHost> | 111 | </VirtualHost> |
| 112 | |||
| 113 | Create OpenPGP credentials for the server: | ||
| 114 | |||
| 115 | IMPORTANT: mod_gnutls currently cannot read encrypted OpenPGP credentials. That | ||
| 116 | is, when you generate a key with gpg and gpg prompts you for a passphrase, just | ||
| 117 | press enter. Then press enter again, to confirm an empty passphrase. | ||
| 118 | http://news.gmane.org/gmane.comp.apache.outoforder.modules | ||
| 119 | |||
| 120 | These instructions are from the GnuTLS manual: | ||
| 121 | http://www.gnu.org/software/gnutls/manual/html_node/Invoking-gnutls_002dserv.html#Invoking-gnutls_002dserv | ||
| 122 | |||
| 123 | $ gpg --gen-key | ||
| 124 | ...enter whatever details you want, use 'test.gnutls.org' as name... | ||
| 125 | |||
| 126 | Make a note of the OpenPGP key identifier of the newly generated key, here it | ||
| 127 | was 5D1D14D8. You will need to export the key for GnuTLS to be able to use it. | ||
| 128 | |||
| 129 | $ gpg -a --export 5D1D14D8 > openpgp-server.txt | ||
| 130 | $ gpg -a --export-secret-keys 5D1D14D8 > openpgp-server-key.txt | ||