- set up my own certificate authority
- created a CSR
- signed that CSR
- installed the resulting cert on a server
- configured apache2 to use it
- added my own root cert to my laptop and my Android phone
- configured Firefox on both my laptop and my phone to trust my root cert
- browsed to my website and got a working TLS connection, with no errors / warnings, using my own certificate authority

*And I've got how I did it with openssl written down.*
My goodness what a faff this was, and I'm not at all convinced that it is going to work with apps on Android.
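
One way the CA, CSR and signing steps listed above can be done with openssl, as an added example: these are not the author's own commands, and the host name `www.example.test`, the subject names, key sizes and lifetimes are all assumptions.

```shell
# Added example: private root CA -> CSR -> signed server certificate.
# Host name, subject names, key sizes and lifetimes are assumptions.
make_private_ca_cert() {
    host="$1"
    dir=$(mktemp -d) || return 1
    (
        cd "$dir" || exit 1
        umask 077    # keep both private keys owner-only
        # One config for both certificates. Clients match the host name
        # against subjectAltName, so the server section must carry it.
        cat > pki.cnf <<EOF
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[v3_server]
basicConstraints = critical,CA:FALSE
keyUsage = critical,digitalSignature,keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = DNS:$host
EOF
        # 1. Root CA: key plus self-signed certificate. -nodes leaves the key
        #    unencrypted so this runs unattended; protect a real CA key.
        openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 3650 \
            -config pki.cnf -extensions v3_ca \
            -subj "/CN=Example Private Root CA" \
            -keyout ca.key -out ca.crt || exit 1
        # 2. Server key and CSR.
        openssl req -new -newkey rsa:2048 -nodes -sha256 -config pki.cnf \
            -subj "/CN=$host" -keyout server.key -out server.csr || exit 1
        # 3. Sign the CSR with the root, adding the server extensions.
        openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key \
            -CAcreateserial -sha256 -days 397 \
            -extfile pki.cnf -extensions v3_server -out server.crt || exit 1
        # 4. Check the chain and the host name before deploying anything.
        openssl verify -CAfile ca.crt -verify_hostname "$host" server.crt || exit 1
    ) >/dev/null 2>&1 || return 1
    echo "$dir"    # directory holding ca.crt, server.key, server.crt
}

make_private_ca_cert www.example.test
```

Only `ca.crt` goes into the laptop and phone trust stores; `ca.key` never leaves the machine that signs.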