Security/DNSSEC-TLS-nginx: Difference between revisions

Revision as of 18:22, 20 July 2011

This page details how to set up a virtual machine running a modified version of nginx that uses a self-signed certificate with the DNSSEC TLS extension to authenticate https sessions.

Set up a linux VM and enable a host-only network adapter so you can talk to it as well as a NAT'd adapter so it can talk to the internet (outside the scope of this article)
In that VM...
Get sources:
1. nginx-1.0.4.tar.gz (not the most recent version - I'll update the patch against it when I get a chance)
2. openssl-1.0.0d.tar.gz
Get patches:
1. nginx-1.0.4-dnssectls.patch
2. openssl-1.0.0d-dnssectls.patch
Install a local copy of openssl:
1. Untar the archive and cd to the directory
2. Apply the patch
3. Run './config', 'make'
Build nginx:
1. Untar the archive and cd to the directory
2. Apply the patch
3. Run './configure --with-openssl=$HOME/openssl-1.0.0d --with-http_ssl_module --without-http_rewrite_module --prefix=`pwd`', 'make'
Make sure you don't have other webservers running on the machine (Ubuntu seems to have one by default)
Start nginx: 'sudo ./obj/nginx'

@@ Line 9: / Line 9: @@
 ## [http://hg.mozilla.org/users/dkeeler_mozilla.com/dnssec-tls/file/tip/nginx-1.0.4-dnssectls.patch nginx-1.0.4-dnssectls.patch]
 ## [http://hg.mozilla.org/users/dkeeler_mozilla.com/dnssec-tls/file/tip/openssl-1.0.0d-dnssectls.patch openssl-1.0.0d-dnssectls.patch]
+# Install a local copy of openssl:
+## Untar the archive and cd to the directory
+## Apply the patch
+## Run './config', 'make'
+# Build nginx:
+## Untar the archive and cd to the directory
+## Apply the patch
+## Run './configure --with-openssl=$HOME/openssl-1.0.0d --with-http_ssl_module --without-http_rewrite_module --prefix=`pwd`', 'make'
+# Make sure you don't have other webservers running on the machine (Ubuntu seems to have one by default)
+# Start nginx: 'sudo ./obj/nginx'

Security/DNSSEC-TLS-nginx: Difference between revisions

Revision as of 18:22, 20 July 2011

Navigation menu

Search