Skip to content

Commit

Permalink
Updated documentation.
Browse files Browse the repository at this point in the history
  • Loading branch information
@endlesscoil
endlesscoil committed Nov 17, 2013
1 parent 92c661e commit 5f349b1
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 8 deletions.
6 changes: 3 additions & 3 deletions INSTALL
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
1. ./configure
2. make
3. sudo cp ser2sock /usr/local/bin/
4. sudo mkdir -p /etc/ser2sock
5. sudo cp ser2sock.conf.example /etc/ser2sock/ser2sock.conf
6. Make changes to /etc/ser2sock/ser2sock.conf as needed.
4. sudo cp -R etc/ser2sock /etc/
5. Make changes to /etc/ser2sock/ser2sock.conf as needed.
6. If using SSL generate certificates
7. sudo cp init/ser2sock /etc/init.d/
8. sudo update-rc.d ser2sock defaults
9. sudo /etc/init.d/ser2sock start
23 changes: 18 additions & 5 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,9 +11,9 @@ Installation
1. ./configure
2. make
3. sudo cp ser2sock /usr/local/bin/
4. sudo mkdir -p /etc/ser2sock
5. sudo cp ser2sock.conf.example /etc/ser2sock/ser2sock.conf
6. vi /etc/ser2sock/ser2sock.conf
4. sudo cp -R etc/ser2sock /etc/
5. Make changes to /etc/ser2sock/ser2sock.conf as needed.
6. If using SSL generate certificates
7. sudo cp init/ser2sock /etc/init.d/
8. sudo update-rc.d ser2sock defaults
9. sudo /etc/init.d/ser2sock start
Expand Down Expand Up @@ -53,7 +53,7 @@ There are three pieces you need to make this work.
signed by the CA.

Generating the Certificates
-------------------------
---------------------------

Create the CA certificate and key:
```openssl req -out ca.pem -new -x509```
Expand Down Expand Up @@ -83,7 +83,20 @@ Now all you have to do is enable encryption in the configuration, update your
certificate paths, and restart the service.

Testing the SSL Certificates
---------------------------
----------------------------
After the certificates have been generated and ser2sock restarted you can
verify that the certificates work with OpenSSL:
```openssl s_client -connect 127.0.0.1:10000 -cert client.pem -key client.key -CAfile ca.pem```

Certificate Revocation
----------------------
Certificates may be revoked using OpenSSL's CA facility.

Revoke the certificate:
```openssl ca -config ca.conf -revoke certs/badclient.pem -keyfile certs/privkey.pem -cert certs/ca.pem```

Regenerate the CRL:
```openssl ca -config ca.conf -gencrl -keyfile certs/privkey.pem -cert certs/ca.pem -out ser2sock.crl```

Restart ser2sock:
```killall -HUP ser2sock```

0 comments on commit 5f349b1

Please sign in to comment.