[hunchentoot-devel] Running Hunchentoot with ssl

Brian brian at liberatinginsight.com
Fri Jan 4 19:03:12 UTC 2008


The code you included below for starting the server has a typo in it. 
You provided the keywork :ssl-certificate-file twice. Try using this instead

(defparameter *x* (hunchentoot:start-server :port 4443 
:ssl-privatekey-file #P"/home/kiuma/pem/CA.key" :ssl-certificate-file 
#P"/home/kiuma/pem/CA.crt"))

Also I assume you want port 4443 and not the standard 443
 

Andrea Chiumenti wrote:
> into /home/kiuma/pem
> I've executed:
> >openssl genrsa -out CA.key 1024
> >openssl req -new -key CA.key -x509 -days 1095  -out CA.crt
>
> Country Name (2 letter code) [AU]:IT
> State or Province Name (full name) [Some-State]:Milano
> Locality Name (eg, city) []:Monza
> Organization Name (eg, company) [Internet Widgits Pty Ltd]:wingstech.priv
> Organizational Unit Name (eg, section) []:kasa.wingstech.priv
> Common Name (eg, YOUR name) []:Chiumenti Andrea
> Email Address []:my at e.mail <mailto:my at e.mail>
>
> the in slime repl:
>
> (defparameter *x* (hunchentoot:start-server :port 4443 
> :ssl-certificate-file #P"/home/kiuma/pem/CA.key" :ssl-certificate-file 
> #P"/home/kiuma/pem/CA.crt"))
>
> The server stays mute :((
> On Jan 4, 2008 7:27 PM, Brian <brian at liberatinginsight.com 
> <mailto:brian at liberatinginsight.com>> wrote:
>
>     I also just noticed that you didn't provide the private key file input
>     to your start server function. Try something like:
>
>              (hunchentoot::start-server :port 443
>                                         ;:ssl-privatekey-password
>     <password
>     to key file if version of lisp supports this>
>                                         :ssl-certificate-file
>     *ssl-certificate-path*
>                                         :ssl-privatekey-file
>     *ssl-private-key-path*)
>
>     You will need both the certificate and private key files to start a
>     secure server. The howto listed below provides the directions,
>     make sure
>     you use the instructions on a self-signed certificate when
>     producing the
>     certificate file.
>
>
>     Brian wrote:
>     > I always use the How To's found on the OpenSSL website which you can
>     > find here
>     >
>     > http://www.openssl.org/docs/HOWTO/
>     >
>     >
>     >
>     > Andrea Chiumenti wrote:
>     >> Hello,
>     >> I'm trying to figure out how to run Hunchentoot with SSL but I'm
>     >> getting lost.
>     >> I'm using it under a gentoo linux installation.
>     >> I think the problem is with my ssl certificete file.
>     >>
>     >> to create it I use `openssl genrsa -out File.pem 1024` but since
>     >> (defparameter *x* (hunchentoot:start-server :port 4443
>     >> :ssl-certificate-file #P"/home/kiuma/File.pem")) does not start the
>     >> server.
>     >>
>     >> Does anybody know how to create a test certificate file with
>     openssl
>     >> or another tool ?
>     >>
>     >> Thanks in advance,
>     >> kiuma
>     >>
>     ------------------------------------------------------------------------
>     >>
>     >> _______________________________________________
>     >> tbnl-devel site list
>     >> tbnl-devel at common-lisp.net <mailto:tbnl-devel at common-lisp.net>
>     >> http://common-lisp.net/mailman/listinfo/tbnl-devel
>     <http://common-lisp.net/mailman/listinfo/tbnl-devel>
>     >
>     > _______________________________________________
>     > tbnl-devel site list
>     > tbnl-devel at common-lisp.net <mailto:tbnl-devel at common-lisp.net>
>     > http://common-lisp.net/mailman/listinfo/tbnl-devel
>     >
>     >
>
>     _______________________________________________
>     tbnl-devel site list
>     tbnl-devel at common-lisp.net <mailto:tbnl-devel at common-lisp.net>
>     http://common-lisp.net/mailman/listinfo/tbnl-devel
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> tbnl-devel site list
> tbnl-devel at common-lisp.net
> http://common-lisp.net/mailman/listinfo/tbnl-devel




More information about the Tbnl-devel mailing list