From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on sa.int.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-3.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW, SPF_PASS autolearn=ham version=3.2.5 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:sender:message-id:date:from:user-agent:mime-version:to :subject:x-enigmail-version:content-type; bh=iSkzxlbYcgswoueIU/aJwgmHAj5fmNKgED8SCDN5yDU=; b=ZZEosHOXIShOwVDVubeDhZtNYS7bcJdRpTGAei87lSKlBCQyzPRTEJl9cgsUC75Fhw U3AIpqdq4lKEp2CKcnClae5Q7zQaO9zi3Y30gZo3NFpJZNgJoryLGGsiHuEzgrPNUwwI bXPex/3Zj6W2Ys5V7mvRzsSaRWf17EhXWOYLvlzUHx2kEPj+OtvNMcb6k4i6PSB5QxkX diUkE1zoA/G4RUxtuxbHUCZsXwgmb+J31zAJeMjgN5OPmNE9+ZvRijbYBlYRGJsNDBAz PxOrJQ47kuxb7iEqd8oPtxaEzb1gFTnjx24YrtuPu5jEkXn1PtPfdpPN6vJq/qcaTIvE IGXg== X-Received: by 10.204.148.130 with SMTP id p2mr40537836bkv.10.1358274107849; Tue, 15 Jan 2013 10:21:47 -0800 (PST) Sender: Aleksey Avdeev Message-ID: <50F59E2F.7030300@solin.spb.ru> Date: Tue, 15 Jan 2013 22:21:35 +0400 From: Aleksey Avdeev User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; ru; rv:1.9.2.14pre) Gecko/20110125 Thunderbird/3.1.8pre MIME-Version: 1.0 To: ALT Linux Team development discussions X-Enigmail-Version: 1.1.2 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigBF929153D9F54590DEC432BD" Subject: [devel] =?koi8-r?b?STogYXBhY2hlMi1tb2Rfc3NseywtY29tcGF0fTog6drN?= =?koi8-r?b?xc7FzsnRIM7B09TSz8XLIFNTTC4=?= X-BeenThere: devel@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux Team development discussions List-Id: ALT Linux Team development discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jan 2013 18:21:56 -0000 Archived-At: List-Archive: List-Post: This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigBF929153D9F54590DEC432BD Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: quoted-printable =F0=D2=C9=D7=C5=D4=D3=D4=D7=D5=C0. =F1 =D0=CC=C1=CE=C9=D2=D5=C0 =D0=C5=D2=C5=D7=C5=D3=D4=C9 =C4=C5=C6=CF=CC= =D4=CE=D9=C5 =CE=C1=D3=D4=D2=CF=CA=CB=C9 apache2-mod_ssl{,-compat} =CE=C1= =C9=D3=D0=CF=CC=D8=DA=CF=D7=C1=CE=C9=C5 =CF=C2=DD=C5=D3=C9=D3=D4=C5=CD=CE= =CF=C7=CF =C8=D2=C1=CE=C9=CC=C9=DD=C1 =D3=C5=D2=D4=C9=C6=C9=CB=C1=D4=CF=D7= /var/lib/ssl. (=F3=C5=CA=DE=C1=D3 apache2-mod_ssl =C9=D3=D0=CF=CC=D8=DA=D5=C5=D4 =D3=D7= =CF=A3 =D7=CE=D5=D4=D2=C5=CE=CE=C5=C5 =C8=D2=C1=CE=C9=CC=C9=DD=C5, /etc/httpd2/conf/ssl.*.) =F0=CF=CB=C1 =D0=CC=C1=CE=C9=D2=D5=C0 =D3=C4=C5=CC=C1=D4=D8 =D7 /etc/httpd2/conf/sites-available/default_https{-compat,}.conf =D4=C1=CB=C9= =C5 =CE=C1=D3=D4=D2=CF=CA=CB=C9 (=D7 =DA=CE=C1=DE=C5=CE=C9=D1=C8 =D0=CF=CD=C5= =DE=C5=CE=CE=D9=C8 "????" =D1 =CE=C5=D5=D7=C5=D2=C5=CE): # Server Certificate: # Point SSLCertificateFile at a PEM encoded certificate. If # the certificate is encrypted, then you will be prompted for a # pass phrase. Note that a kill -HUP will prompt again. Keep # in mind that if you have both an RSA and a DSA certificate you # can configure both in parallel (to also allow the use of DSA # ciphers, etc.) SSLCertificateFile "/var/lib/ssl/certs/server.crt" #SSLCertificateFile "/var/lib/ssl/certs/server-dsa.crt" # Server Private Key: # If the key is not combined with the certificate, use this # directive to point at the key file. Keep in mind that if # you've both a RSA and a DSA private key you can configure # both in parallel (to also allow the use of DSA ciphers, etc.) SSLCertificateKeyFile "/var/lib/ssl/private/server.key" #SSLCertificateKeyFile "/var/lib/ssl/private/server-dsa.key" # Server Certificate Chain: # Point SSLCertificateChainFile at a file containing the # concatenation of PEM encoded CA certificates which form the # certificate chain for the server certificate. Alternatively # the referenced file can be the same as SSLCertificateFile # when the CA certificates are directly appended to the server # certificate for convinience. #SSLCertificateChainFile "/var/lib/ssl/certs/ca-root.pem" ?????????????????????????????? # Certificate Authority (CA): # Set the CA certificate verification path where to find CA # certificates for client authentication or alternatively one # huge file containing all of them (file must be PEM encoded) # Note: Inside SSLCACertificatePath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. #SSLCACertificatePath "/var/lib/ssl/certs" #SSLCACertificateFile "/var/lib/ssl/certs/ca-root.pem" ?????????????????????????????? # Certificate Revocation Lists (CRL): # Set the CA revocation path where to find CA CRLs for client # authentication or alternatively one huge file containing all # of them (file must be PEM encoded) # Note: Inside SSLCARevocationPath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. #SSLCARevocationPath "/var/lib/ssl/certs" #SSLCARevocationFile "/var/lib/ssl/certs/ca-bundle.crl" ???????????????????????????????? =F0=D2=C9 =DC=D4=CF=CD =D1 =C9=D3=C8=CF=D6=D5 =C9=DA: 1. =F3=C5=D2=D4=C9=C6=C9=CB=C1=D4 =D3=C5=D2=D7=C5=D2=C1 =C9 =C5=C7=CF =CB= =CC=C0=DE -- /var/lib/ssl/certs/server.crt =C9 /var/lib/ssl/private/server.key. =E6=C1=CA=CC=D9 =C2=D5=C4=D5=D4 =D3=CF=DA= =C4=C1=D7=C1=D4=D8=D3=D1 =D0=D2=C9 =D3=D4=C1=D2=D4=C5 =D3=C5=D2=D7=C5=D2=C1, =C5=D3=CC=C9 =C9=C8 =CE=C5=D4, =C1 mod_ssl =C2=D5=C4= =C5=D4 =C7=D2=D5=DA=C9=D4=D3=D1. (=ED=CF=D6=C5=D4 =C2=D9=D4=D8 =CF=D3=CD=D9= =D3=CC=C5=CE=CE=C5=C5 =C9=D3=D0=CF=CC=D8=DA=CF=D7=C1=D4=D8 www.*, =D7=CD=C5=D3=D4=CF server.*?)= 2. /var/lib/ssl/certs/ca-root.pem -- =D3=C5=D2=D4=C9=C6=C9=CB=C1=D4 CA. =E5= =D3=CC=C9 =D1 =D0=D2=C1=D7=C9=CC=D8=CE=CF =D0=CF=CE=D1=CC (=C9=DA =C1=CE=C1=CC=C9=DA=C1 =D3=C9=D3=D4=C5=CD=D9, =CE=C5= =DA=CE=C1=C0 =C7=C4=C5 =CF=CE=CF =D5 =CE=C1=D3 =DA=C1=C4=CF=CB=D5=CD=C5=CE= =D4=C9=D2=CF=D7=C1=CE=CF), =D4=CF =C9=CD=C5=CE=CE=CF =CF=CE =C9=D3=D0=CF=CC=D8=DA=D5=C5=D4=D3=D1 =D7 =CE=C1= =DB=C5=CD =C4=CF=CD=C5=CE=C5. =EF=D3=CE=CF=D7=CE=CF=CA =D7=CF=D0=D2=CF=D3: =CE=C1=D3=CB=CF=CC=D8=CB=CF= =D0=CC=C1=CE=C9=D2=D5=C5=CD=CF=C5, =C4=CC=D1 =CE=C1=DB=C9=C8 =D5=D3=CC=CF= =D7=C9=CA, =D0=D2=C1=D7=C9=CC=D8=CE=CF? --=20 =F3 =D5=D7=C1=D6=C5=CE=C9=C5=CD. =E1=CC=C5=CB=D3=C5=CA. --------------enigBF929153D9F54590DEC432BD Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJQ9Z4vAAoJEA9Eed/JIzr3KlUQAL5n0x8Mwa68HTiKcjHrPg/F ZBw8dN1iF9zgBHy7lde2CFYr4+/bWytymwTSaFFU12QsCGDqh6TqD450eKaFm2Is 9lluwNbT3dgNjeMpXfykBWAZ195OsC3oSRryuEJ+ggrhHUPA4Av5GbaAtBKgHORk m/FZtyh4aX9GVuDDnpNd2HRVZlOLkzzRm2kAZLORXwjVlJREz6N4JmkfJBJfZOqd U8/9QAWc/JBkHjNreAFRtBF+ELdTSXfRIJyPlM9D7/El4znJHA6hh++9ZSpizWMv K+raateKqP4aNpKxq1S0ZGtv1hbtlOpd6MUrktR5zYdcfqaQvVELsAXOqzNTh5nK ORhhUBq7vcIL4ZhFb81f2xv8pb2WhoJMMUTd3QefZviW++HRHbmnIqeORbsCin16 B6uGYzh5joKw2u/PzQd7yTt4qk2PQ8zvZggp4DMcy6rv9Br+f58ggRnO1bbwK5Xw Uk2Cy9pe8nBa/DHggEa0pKj2SZM0G04ArL+FB297OPYczj6CCxBQPTy8X29Y6Lvx Ke6TWZTfqaIRExtDjZL3S/IMQpyzmNm/+GkPQez03bNczBe1yI2yO4iejnT0/JkY tyeU6g2uerx1JwTpfpcTUy759EYr3XkscSJkwFAVOchrObh9KF+WNn+ks/fn5Seu /IT0XiBWLZ/k3wliscCB =EN4P -----END PGP SIGNATURE----- --------------enigBF929153D9F54590DEC432BD--