[hunchentoot-devel] Running Hunchentoot with ssl
Brian
brian at liberatinginsight.com
Fri Jan 4 19:03:12 UTC 2008
The code you included below for starting the server has a typo in it.
You provided the keywork :ssl-certificate-file twice. Try using this instead
(defparameter *x* (hunchentoot:start-server :port 4443
:ssl-privatekey-file #P"/home/kiuma/pem/CA.key" :ssl-certificate-file
#P"/home/kiuma/pem/CA.crt"))
Also I assume you want port 4443 and not the standard 443
Andrea Chiumenti wrote:
> into /home/kiuma/pem
> I've executed:
> >openssl genrsa -out CA.key 1024
> >openssl req -new -key CA.key -x509 -days 1095 -out CA.crt
>
> Country Name (2 letter code) [AU]:IT
> State or Province Name (full name) [Some-State]:Milano
> Locality Name (eg, city) []:Monza
> Organization Name (eg, company) [Internet Widgits Pty Ltd]:wingstech.priv
> Organizational Unit Name (eg, section) []:kasa.wingstech.priv
> Common Name (eg, YOUR name) []:Chiumenti Andrea
> Email Address []:my at e.mail <mailto:my at e.mail>
>
> the in slime repl:
>
> (defparameter *x* (hunchentoot:start-server :port 4443
> :ssl-certificate-file #P"/home/kiuma/pem/CA.key" :ssl-certificate-file
> #P"/home/kiuma/pem/CA.crt"))
>
> The server stays mute :((
> On Jan 4, 2008 7:27 PM, Brian <brian at liberatinginsight.com
> <mailto:brian at liberatinginsight.com>> wrote:
>
> I also just noticed that you didn't provide the private key file input
> to your start server function. Try something like:
>
> (hunchentoot::start-server :port 443
> ;:ssl-privatekey-password
> <password
> to key file if version of lisp supports this>
> :ssl-certificate-file
> *ssl-certificate-path*
> :ssl-privatekey-file
> *ssl-private-key-path*)
>
> You will need both the certificate and private key files to start a
> secure server. The howto listed below provides the directions,
> make sure
> you use the instructions on a self-signed certificate when
> producing the
> certificate file.
>
>
> Brian wrote:
> > I always use the How To's found on the OpenSSL website which you can
> > find here
> >
> > http://www.openssl.org/docs/HOWTO/
> >
> >
> >
> > Andrea Chiumenti wrote:
> >> Hello,
> >> I'm trying to figure out how to run Hunchentoot with SSL but I'm
> >> getting lost.
> >> I'm using it under a gentoo linux installation.
> >> I think the problem is with my ssl certificete file.
> >>
> >> to create it I use `openssl genrsa -out File.pem 1024` but since
> >> (defparameter *x* (hunchentoot:start-server :port 4443
> >> :ssl-certificate-file #P"/home/kiuma/File.pem")) does not start the
> >> server.
> >>
> >> Does anybody know how to create a test certificate file with
> openssl
> >> or another tool ?
> >>
> >> Thanks in advance,
> >> kiuma
> >>
> ------------------------------------------------------------------------
> >>
> >> _______________________________________________
> >> tbnl-devel site list
> >> tbnl-devel at common-lisp.net <mailto:tbnl-devel at common-lisp.net>
> >> http://common-lisp.net/mailman/listinfo/tbnl-devel
> <http://common-lisp.net/mailman/listinfo/tbnl-devel>
> >
> > _______________________________________________
> > tbnl-devel site list
> > tbnl-devel at common-lisp.net <mailto:tbnl-devel at common-lisp.net>
> > http://common-lisp.net/mailman/listinfo/tbnl-devel
> >
> >
>
> _______________________________________________
> tbnl-devel site list
> tbnl-devel at common-lisp.net <mailto:tbnl-devel at common-lisp.net>
> http://common-lisp.net/mailman/listinfo/tbnl-devel
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> tbnl-devel site list
> tbnl-devel at common-lisp.net
> http://common-lisp.net/mailman/listinfo/tbnl-devel
More information about the Tbnl-devel
mailing list