aboutsummaryrefslogtreecommitdiffstats
path: root/README
blob: ad7f9c6f03cbfcc2aed64234d0ff8e62e40f4e58 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
 Edward Rudd
2004-01-04
* update autoconf scripts to check MySQL..1.91Gravatar Edward Rudd 2003-12-23
* Initial revisionGravatar Edward Rudd 2003-12-20
* Changes on the way to 1.19. This is probably going to be 1.19b1. Detail:1.19b1Gravatar Christopher Powell 2003-07-22
* Some minor additions / edits to the docs.Gravatar Christopher Powell 2003-03-27
* Removed message about insufficient info to log.1.18Gravatar Christopher Powell 2002-12-18
* Delayed inserts, includes, better table creation, renamed global vars,Gravatar Christopher Powell 2002-12-18
* *** empty log message ***Gravatar Christopher Powell 2002-12-10
* Changes on route to 1.18 release (better table creation logic and workarounds...Gravatar Christopher Powell 2002-12-10
* Further Makefile reorg/cleanup, a new option to support delayed insertsGravatar Christopher Powell 2002-11-27
* Some more doc edits & cleanup.Gravatar Christopher Powell 2002-11-19
* Yet more minor documentation edits.Gravatar Christopher Powell 2002-11-19
* Many more doc edits. Reworked the makefile to use ssh/scp for 'make distro'.1.17Gravatar Christopher Powell 2002-11-17
* Further changes to the documentation and how it is generated.Gravatar Christopher Powell 2002-11-15
* More documentation work on the way to final 1.17 release.Gravatar Christopher Powell 2002-11-14
* Monster changes en route to 1.17. Esp. with new documentation.Gravatar Christopher Powell 2002-11-14
generated by cgit (git 2.34.1) at 2025-10-29 17:45:29 +0000
ificates. Other options to # GnuTLSClientVerify could be ignore or require. The # GnuTLSClientCAFile contains the CAs to verify client certificates. GnuTLSClientVerify request GnuTLSX509CAFile ca.pem </VirtualHost> # A setup for OpenPGP and X.509 authentication <VirtualHost 1.2.3.4:443> Servername crystal.lan:443 GnuTLSEnable on GnuTLSPriorities NORMAL:+COMP-NULL # Setup the openpgp keys GnuTLSPGPCertificateFile /etc/apache2/test.pub.asc GnuTLSPGPKeyFile /etc/apache2/test.sec.asc # - and the X.509 keys GnuTLSCertificateFile /etc/apache2/server-cert.pem GnuTLSKeyFile /etc/apache2/server-key.pem GnuTLSClientVerify ignore # To avoid using the default DH params GnuTLSDHFile /etc/apache2/dh.pem # These are only needed if GnuTLSClientVerify != ignore GnuTLSClientCAFile ca.pem GnuTLSPGPKeyringFile /etc/apache2/ring.asc </VirtualHost> VI. CREATE OPENPGP CREDENTIALS FOR THE SERVER mod_gnutls currently cannot read encrypted OpenPGP credentials. That is, when you generate a key with gpg and gpg prompts you for a passphrase, just press enter. Then press enter again, to confirm an empty passphrase. http://news.gmane.org/gmane.comp.apache.outoforder.modules These instructions are from the GnuTLS manual: http://www.gnu.org/software/gnutls/manual/html_node/Invoking-gnutls_002dserv.html#Invoking-gnutls_002dserv $ gpg --gen-key ...enter whatever details you want, use 'test.gnutls.org' as name... Make a note of the OpenPGP key identifier of the newly generated key, here it was 5D1D14D8. You will need to export the key for GnuTLS to be able to use it. $ gpg -a --export 5D1D14D8 > openpgp-server.txt $ gpg -a --export-secret-keys 5D1D14D8 > openpgp-server-key.txt
generated by cgit (git 2.34.1) at 2025-10-29 17:45:28 +0000