SSL file location and permissions?

Is there a standard location where the SSL crt, csr, and key files
should be located? I would prefer to keep them out of "dan's home
directory" and put them in a widely accepted location. If it helps, I am
running CentOS and I have a standard installation of Apache using yum.
Also, what should the file permissions be for these files and the
containing directory?

Thanks,
Dan Schaefer
Web Developer/Systems Analyst
Performance Administration Corp.


------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: SSL file location and permissions?

On Mon, Jan 18, 2010 at 8:52 PM, Dan Schaefer wrote:
> Is there a standard location where the SSL crt, csr, and key files should be
> located? I would prefer to keep them out of "dan's home directory" and put
> them in a widely accepted location. If it helps, I am running CentOS and I
> have a standard installation of Apache using yum. Also, what should the file
> permissions be for these files and the containing directory?

There is no standard location. Practices vary by distribution.
On Fedora its /etc/pki/tls
On my Ubuntu server its's /etc/apache2/ssl

You're free to use what works, or stick with what your distro proposes.

Krist


--
krist.vanbesien@gmail.com
krist@vanbesien.org
Bremgarten b. Bern, Switzerland
--
A: It reverses the normal flow of conversation.
Q: What's wrong with top-posting?
A: Top-posting.
Q: What's the biggest scourge on plain text email discussions?

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: SSL file location and permissions?

> Is there a standard location where the SSL crt, csr, and key files
should be
> located?

This wiki page might be of help for some of these locations:

http://wiki.apache.org/httpd/DistrosDefaultLayout



------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: SSL file location and permissions?

--00504502bf464ae0b3047d7f78fe
Content-Type: text/plain; charset=ISO-8859-1

It is up to the which distribution you are using. If you are using
redhat/fedora and use default rpm then default location would be /etc/httpd
but if you build source code of Apache then location can be of your choice.
if you build from source then use --prefix option in your configure script
to tell apache to install location. Example

--prefix=/usr

On Tue, Jan 19, 2010 at 12:26 PM, Lee Fisher wrote:

> > Is there a standard location where the SSL crt, csr, and key files should
> be
> > located?
>
> This wiki page might be of help for some of these locations:
>
> http://wiki.apache.org/httpd/DistrosDefaultLayout
>
>
>
>
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

--00504502bf464ae0b3047d7f78fe
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

It is up to the which distribution you are using. If you are using redhat/f=
edora and use default rpm then default location would be /etc/httpd but if =
you build source code of Apache then location can be of your choice. if you=
build from source then use --prefix option in your configure script to tel=
l apache to install location. Example


--prefix=3D/usr

Re: SSL file location and permissions?

On 1-19-2010 1:59 AM, Krist van Besien wrote:
> On Mon, Jan 18, 2010 at 8:52 PM, Dan Schaefer wrote:
>
>> Is there a standard location where the SSL crt, csr, and key files should be
>> located?
>>
> There is no standard location. Practices vary by distribution.
> On Fedora its /etc/pki/tls
> On my Ubuntu server its's /etc/apache2/ssl
>
> You're free to use what works, or stick with what your distro proposes.
>
> Krist
>
>
I could not find any accepted/widely-used/standard location that CentOS
proposes. It seems that the location is different for each package as
well (Apache vs Postfix). I decided to choose /etc/certs/ for my location.

Dan Schaefer
Web Developer/Systems Analyst
Performance Administration Corp.


------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org