The Official Proxomitron Forum
The Official Proxomitron Forum
Username:
Password:
Save Password
Forgot your Password?

 All Forums
 Proxomitron Program
 Proxomitron Updates
 Proxomitron's Certificate
 New Topic  Reply to Topic
 Printer Friendly
Next Page
Author  Topic Next Topic
Page: of 2

hpguru
Advanced Member

USA
2271 Posts

Posted - 2003/10/01 :  05:04:07    Visit hpguru's Homepage  Reply with Quote
Does anyone have a plan what to do when Proxo's certificate expires next year? What is needed to create our own?



God protect me from your followers.

MorpheusDreamlord
Junior Member

Australia
66 Posts
REPLY_ID=8150

Posted - 2003/10/02 :  18:28:23    Visit MorpheusDreamlord's Homepage  Reply with Quote
So what happens then tho - will proxo stop working, or just the secure libs bits?

|
Come to the Dreaming...

Go to Top of Page

TEggHead
Average Member

Netherlands
485 Posts
REPLY_ID=8151

Posted - 2003/10/02 :  21:53:40    Visit TEggHead's Homepage  Send TEggHead an ICQ Message  Click to see TEggHead's MSN Messenger address  Send TEggHead a Yahoo! Message  Reply with Quote
Dug this up from my archive, never tried it myself though...anyone wanna try?

quote:
It's a messy process, but if you have ssleay/openSSL you can also make
your own. Here's the commands (from my old version of SSLeay)...

First make a peudo CA...

mkdir ./demoCA
mkdir ./demoCA/certs
mkdir ./demoCA/crl
mkdir ./demoCA/newcerts
mkdir ./demoCA/private
echo "01" > ./demoCA/serial
touch ./demoCA/index.txt

This is from the unix shell script, but it's basically just making
some folders and initial text files. Then run...

>ssleay req -new -x509 -keyout ./demoCA/private/cakey.pem -out ./demoCA/cacert.pem -days 365

Now we make a new request...

>ssleay req -new -nodes -keyout newreq.pem -out newreq.pem -days 365

(when asked, don't enter anything under the "extra" attributes
section). This makes a "newreq.pem" file. Note the "nodes" option -
this makes the private key unencrypted. Highly insecure, if we were
going to use this for an actual cert, but ok in our case.

Next we "sign" the request...

>ssleay ca -policy policy_anything -out newcert.pem -infiles newreq.pem

This will create a "newcert.pem" file.

Finally edit "newreq.pem" and grab the section...

-----BEGIN RSA PRIVATE KEY-----
[base64 encoded stuff here]
-----END RSA PRIVATE KEY-----

and paste into a new "proxcert.pem" file. Finally from the
"newcert.pem" file grab the certificate data...

-----BEGIN CERTIFICATE-----
[encoded certificate]
-----END CERTIFICATE-----

and paste it after the provate key in the "proxcert.pem" file.

That should be all you need, but I've found it takes quite a bit of
trial and error to get it working. Browsers are sensitive to some
values and won't accept a certificate in some cases. For example, I've
never been able to make one last more than 365 days.

Anyway, hope that's of some use to someone out there. :-)

-Scott-


TEggHead


Edited by - TEggHead on 2003/10/02 21:54:45
Go to Top of Page

hpguru
Advanced Member

USA
2271 Posts
REPLY_ID=8153

Posted - 2003/10/02 :  22:21:38    Visit hpguru's Homepage  Reply with Quote
That is messy. Gotta be a better way.



God protect me from your followers.
Go to Top of Page

jor
Advanced Member

Netherlands
1134 Posts
REPLY_ID=8155

Posted - 2003/10/02 :  22:30:15    Visit jor's Homepage  Send jor an AOL message  Send jor an ICQ Message  Click to see jor's MSN Messenger address  Send jor a Yahoo! Message  Reply with Quote
Well, only one of us has to do it... and we can share the file.

And maybe SRL will come through when needed

Go to Top of Page

sidki3003
Moderator

Germany
561 Posts
REPLY_ID=8194

Posted - 2003/10/06 :  03:16:19    Visit sidki3003's Homepage  Send sidki3003 an AOL message  Send sidki3003 an ICQ Message  Reply with Quote
I made that one in August.

Attachment: proxcert.zip 1.97 KB

Go to Top of Page

hpguru
Advanced Member

USA
2271 Posts
REPLY_ID=8199

Posted - 2003/10/06 :  05:21:14    Visit hpguru's Homepage  Reply with Quote
Cool! Thanks sidki!



God protect me from your followers.
Go to Top of Page

jor
Advanced Member

Netherlands
1134 Posts
REPLY_ID=8205

Posted - 2003/10/06 :  19:20:16    Visit jor's Homepage  Send jor an AOL message  Send jor an ICQ Message  Click to see jor's MSN Messenger address  Send jor a Yahoo! Message  Reply with Quote
Thanks sidki
Go to Top of Page

Arne
Forum Admin

Denmark
1352 Posts
REPLY_ID=8206

Posted - 2003/10/06 :  22:40:40    Visit Arne's Homepage  Send Arne an AOL message  Send Arne an ICQ Message  Send Arne a Yahoo! Message  Reply with Quote
Thanks sidki3003! I moved the topic to the Proxomitron Updates forum so we know where to find it (works like a charm!)

Best wishes
Arne

Go to Top of Page

besafe
New Member

Canada
14 Posts
REPLY_ID=8210

Posted - 2003/10/07 :  00:34:26    Visit besafe's Homepage  Reply with Quote
Thanks sidki.
Go to Top of Page

JakBeNymble
Average Member


358 Posts
REPLY_ID=8213

Posted - 2003/10/07 :  02:03:35    Visit JakBeNymble's Homepage  Send JakBeNymble a Yahoo! Message  Reply with Quote
Hi "Guys",
What's the best way to update the certificate file? Just unzip it into the Proxo folder and let it over write the old one?
Safe-Surfin',
"Jak"
Go to Top of Page

hpguru
Advanced Member

USA
2271 Posts
REPLY_ID=8217

Posted - 2003/10/07 :  02:43:53    Visit hpguru's Homepage  Reply with Quote
That will work Jak.



God protect me from your followers.
Go to Top of Page

JakBeNymble
Average Member


358 Posts
REPLY_ID=8219

Posted - 2003/10/07 :  04:30:52    Visit JakBeNymble's Homepage  Send JakBeNymble a Yahoo! Message  Reply with Quote
A Great BIG THANKX "HpGuru"! You've always been a Great Friend!
"Jak"
Go to Top of Page

TEggHead
Average Member

Netherlands
485 Posts
REPLY_ID=8220

Posted - 2003/10/07 :  08:17:22    Visit TEggHead's Homepage  Send TEggHead an ICQ Message  Click to see TEggHead's MSN Messenger address  Send TEggHead a Yahoo! Message  Reply with Quote
Great work Sidki! thnx.

TEggHead

Go to Top of Page

Belthazor
Junior Member

United Kingdom
64 Posts
REPLY_ID=8675

Posted - 2003/10/19 :  09:44:46    Visit Belthazor's Homepage  Reply with Quote
Great work sidki and JakBeNymble...BUT...what is the point in filtering secure sites??? I've hardly seen ANY secure sites except from, login to hotmail [lasts 2 secs] & login to yahoo [no ads]... Anyway, why would a secure site have ads?

~Belthazor

Go to Top of Page

jor
Advanced Member

Netherlands
1134 Posts
REPLY_ID=8689

Posted - 2003/10/19 :  16:09:09    Visit jor's Homepage  Send jor an AOL message  Send jor an ICQ Message  Click to see jor's MSN Messenger address  Send jor a Yahoo! Message  Reply with Quote
Not all filtering has to do with ads: half my config is just to change sites so they work better for me. Stuff like making sure I can use Fast Forward on sites, alter layouts, etc..

And Yahoo and other sites do place ads behind a HTTPS login.

Go to Top of Page
Page: of 2  Topic Next Topic  
Next Page
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
xml Syndication: backend.asp Sessions since Sept 2002.    © Arne Flaaten Go To Top Of Page
This page was generated in 0.52 seconds. Powered By: Snitz Forums 2000 Version 3.4.01
Show topics started on date yyyymmdd
Calendar image
Swatch internet time  Show 7 days hits and views  
Server time: 12:40:03 AM