3. Configure OpenSSL to optimise

Note

All the configuration files required for each software described in this book has been provided by us as a gzipped file, floppy.tgz for your convenience. This can be downloaded from this web address: http://www.openna.com/books/floppy.tgz You can unpack this to any location on your local machine, say for example /tmp, assuming you have done this your directory structure will be /tmp/floppy. Within this floppy directory each configuration file has its own directory for respective software. For example OpenSSL configuration file are organised like this:


             total 16
             -rw-r--r--    1 harrypotter    harrypotter        7002 Jun  8 13:00 openssl.cnf
             -rwxr-xr-x    1 harrypotter    harrypotter        1847 Jun  8 13:00 sign.sh*
             -rwx------    1 harrypotter    harrypotter         362 Jun  8 13:00 ssl.sh*
             

You can either cut and paste this directly if you are faithfully following our instructions from the begining or manually edit these to modify to your needs. This facility is there though as a convenience but please don't forget ultimately it will be your responsibility to check, verify, etc. before you use them whether modified or as it is.

To run OpenSSL Server, the following files are required and must be created or copied to the appropriate directories on your server.

  1. Copy the openssl.cnf file to the /etc/ssl/ directory.

  2. Copy the sign.sh script file to the /usr/bin/ directory.

Tip

You can obtain the configuration files listed below on our floppy.tgz archive. Copy the following files from the decompressed floppy.tgz archive to the appropriate places or copy and paste them directly from this book to the concerned file.