Security/DNSSEC-TLS-nginx: Difference between revisions
< Security
Jump to navigation
Jump to search
mNo edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
This page details how to set up a virtual machine running a modified version of nginx that uses a self-signed certificate with the DNSSEC TLS extension to authenticate https sessions. | This page details how to set up a virtual machine running a modified version of nginx that uses a self-signed certificate with the DNSSEC TLS extension to authenticate https sessions. | ||
# Set up a linux VM and enable a host-only network adapter so you can talk to it as well as a NAT'd adapter so it can talk to the internet (outside the scope of this article) | |||
# In that VM... | |||
# Get sources: | |||
## [http://nginx.org/download/nginx-1.0.4.tar.gz nginx-1.0.4.tar.gz] (not the most recent version - I'll update the patch against it when I get a chance) | |||
## [http://www.openssl.org/source/openssl-1.0.0d.tar.gz openssl-1.0.0d.tar.gz] | |||
# Get patches: | |||
## [http://hg.mozilla.org/users/dkeeler_mozilla.com/dnssec-tls/file/tip/nginx-1.0.4-dnssectls.patch nginx-1.0.4-dnssectls.patch] | |||
## [http://hg.mozilla.org/users/dkeeler_mozilla.com/dnssec-tls/file/tip/openssl-1.0.0d-dnssectls.patch openssl-1.0.0d-dnssectls.patch] | |||
Revision as of 18:17, 20 July 2011
This page details how to set up a virtual machine running a modified version of nginx that uses a self-signed certificate with the DNSSEC TLS extension to authenticate https sessions.
- Set up a linux VM and enable a host-only network adapter so you can talk to it as well as a NAT'd adapter so it can talk to the internet (outside the scope of this article)
- In that VM...
- Get sources:
- nginx-1.0.4.tar.gz (not the most recent version - I'll update the patch against it when I get a chance)
- openssl-1.0.0d.tar.gz
- Get patches: