Mailing List Archive

>
> I was looking for openssl command(s) to generate server side certificate
> and key so that https start working on my apache 2.4 web server on
> windows.
>
> I looked on Internet but found few commands but they all used different
> arguments to openssl.
>
> Can someone please give me exact openssl command(s) to use.
>
> I will appreciate it.

I think you need to search for setting up your own CA and sign certs. I don't think openssl commands are any differnt on windows. Maybe easier to get an existing cert and use that, and just ignore the warning?
Maybe there are even easier to use tools on windows that do this all for you? Microsoft certool?


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

> I think you need to search for setting up your own CA and sign certs.


Windows is my development environment. Later the website will be hosted on
linux and the linux hosting provider will provide SSL certificate.

I had looked at
https://stackoverflow.com/questions/4221874/how-do-i-allow-https-for-apache-on-localhost

But it looks like many answers on this page are obsolete now.


I don't think openssl commands are any differnt on windows.


Yeah, they are not. But I don't know what all arguments to give to openssl.

Maybe easier to get an existing cert and use that, and just ignore the
> warning?
> Maybe there are even easier to use tools on windows that do this all for
>

I actually want to use openssl. openssl.exe comes with apache 2.4
distribution.

>
> Windows is my development environment. Later the website will be hosted
> on linux and the linux hosting provider will provide SSL certificate.
>

But should your development be not protocol independent? If your code works on http it should also work on https. I am getting sick of these wordpress idiots where they still have hardcoded links everywhere and I can't even convert a website from http to https.
???????????????????????????????????????????????????????????????????????F?V?7V'67&?&R?R???âW6W'2?V?7V'67&?&T?GGB?6?R??&p?f?"FF?F????6????G2?R???âW6W'2?V??GGB?6?R??&p

> Can someone please give me exact openssl command(s) to use.
>

Command parameters can vary, and encryption technology is regulated by
national laws. You should consult with your IT security staff on this
matter if possible.

What you are probably looking for is “how to self-sign my TLS public key”.
Here’s a basic sketch of what this looks like in production:

You as subject have generated for your server a public/private key-pair
already with, eg, openssl. Now you need a certificate authority, ca, to
sign the public key, rendering your public key certificate. This is
achieved by creating a certificate signature request or csr with, eg,
openssl, and giving it to ca. Then ca may render the certificate to you for
you to distribute how you like. These steps can be achieved by you acting
both as subject and ca, by self-signing.

Here’s a possible SO question that might help you:
https://stackoverflow.com/questions/10175812/how-to-generate-a-self-signed-ssl-certificate-using-openssl

>

> But should your development be not protocol independent? If your code
> works on http it should also work on https. I am getting sick of these
> wordpress idiots where they still have hardcoded links everywhere and I
> can't even convert a website from http to https.
>

Are you saying that I am a wordpress idiot?

>
> Here’s a possible SO question that might help you:
>
> https://stackoverflow.com/questions/10175812/how-to-generate-a-self-signed-ssl-certificate-using-openssl
>

Thanks Will. I will look look into it.

>
>
> But should your development be not protocol independent? If your
> code works on http it should also work on https. I am getting sick of
> these wordpress idiots where they still have hardcoded links everywhere
> and I can't even convert a website from http to https.
>
>
>
> Are you saying that I am a wordpress idiot?
>

No :) Development/management team of wordpress are idiots. They are still advising people incorrectly to upgrade eg while distributions are backporting security stuff. A developer should just do developing. A dentist is also not telling an ophthalmologist what to do. Why do you care if you are using http or https? Unless you are developing something specific to the https protocol (eg. sni) forget about it.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

On Tuesday 16 April 2024 at 16:07:09, Marc wrote:

> A developer should just do developing.

Some people, especially in smaller organisations, have to be multi-skilled.

> A dentist is also not telling an ophthalmologist what to do.

No, but a dentist might have some valuable advice on diet.


Antony.

--
I wasn't sure about having a beard at first, but then it grew on me.

Please reply to the list;
please *don't* CC me.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

On Tue, Apr 16, 2024 at 11:11?AM Marc <Marc@f1-outsourcing.eu> wrote:

> >
> >
> > But should your development be not protocol independent? If your
> > code works on http it should also work on https. I am getting sick of
> > these wordpress idiots where they still have hardcoded links everywhere
> > and I can't even convert a website from http to https.
> >
> >
> >
> > Are you saying that I am a wordpress idiot?
> >
>
> No :) Development/management team of wordpress are idiots. They are still
> advising people incorrectly to upgrade eg while distributions are
> backporting security stuff. A developer should just do developing. A
> dentist is also not telling an ophthalmologist what to do. Why do you care
> if you are using http or https? Unless you are developing something
> specific to the https protocol (eg. sni) forget about it.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org


Marc, let's try to be friendly towards users and adopt a more neutral
tone. New users have questions, and it's normal. Calling folks "idiots"
isn't helping here.

Thanks.

> But should your development be not protocol independent? If your code
> works on http it should also work on https. I am getting sick of these
> wordpress idiots where they still have hardcoded links everywhere and I
> can't even convert a website from http to https.
>
TLS is not in the application layer as HTTP is, so it’s just a complication
that has to be managed in development. I don’t know how Wordpress works,
but there are solutions beyond its configuration.

For example, if you just need to verify your HTTP-based application
functions as desired, but there is commingling of HTTPS and HTTP in
application HREFs then use the `if` directive with a development-only
environment variable in your virtual hosts. If the client follows a HTTPS
link that isn’t going to work for keying material reasons, have the 443
virtual host redirect to 80 if the development variable in the development
environment

Pardon me- have 443 redirect to 80 of the environment variable is true.
Alternatively, have a completely different 443 vhost declared for
development purposes

On Tue, Apr 16, 2024 at 11:30?AM Will Fatherley <wefatherley@gmail.com>
wrote:

>
> But should your development be not protocol independent? If your code
>> works on http it should also work on https. I am getting sick of these
>> wordpress idiots where they still have hardcoded links everywhere and I
>> can't even convert a website from http to https.
>>
> TLS is not in the application layer as HTTP is, so it’s just a
> complication that has to be managed in development. I don’t know how
> Wordpress works, but there are solutions beyond its configuration.
>
> For example, if you just need to verify your HTTP-based application
> functions as desired, but there is commingling of HTTPS and HTTP in
> application HREFs then use the `if` directive with a development-only
> environment variable in your virtual hosts. If the client follows a HTTPS
> link that isn’t going to work for keying material reasons, have the 443
> virtual host redirect to 80 if the development variable in the development
> environment
>

>
> Pardon me- have 443 redirect to 80 of the environment variable is true.
> Alternatively, have a completely different 443 vhost declared for
> development purposes
>
> On Tue, Apr 16, 2024 at 11:30?AM Will Fatherley <wefatherley@gmail.com
> <mailto:wefatherley@gmail.com> > wrote:
>
>
>
> But should your development be not protocol independent? If
> your code works on http it should also work on https. I am getting sick
> of these wordpress idiots where they still have hardcoded links
> everywhere and I can't even convert a website from http to https.
>
>
> TLS is not in the application layer as HTTP is, so it’s just a
> complication that has to be managed in development. I don’t know how
> Wordpress works, but there are solutions beyond its configuration.

You are writting it is not application layer and then write it needs to be addressed in development?

> For example, if you just need to verify your HTTP-based application
> functions as desired, but there is commingling of HTTPS and HTTP in
> application HREFs then use the `if` directive with a development-only
> environment variable in your virtual hosts. If the client follows a HTTPS
> link that isn’t going to work for keying material reasons, have the 443
> virtual host redirect to 80 if the development variable in the
> development environment
>

This is more about the ability to host an application regardless if it is on http or https. How https is enforced/applied is up to the manager of the server, why would you even care as a developer of an application?


???????????????????????????????????????????????????????????????????????F?V?7V'67&?&R?R???âW6W'2?V?7V'67&?&T?GGB?6?R??&p?f?"FF?F????6????G2?R???âW6W'2?V??GGB?6?R??&p

On Tuesday 16 April 2024 at 18:42:09, Marc wrote:

> This is more about the ability to host an application regardless if it is
> on http or https. How https is enforced/applied is up to the manager of
> the server, why would you even care as a developer of an application?

I often develop applications on servers which I manage.

Please stop trying to enforce your opinion of the demarcation between
disciplines on other people.

Not every developer is only a developer.


Antony.

--
"Can you keep a secret?"
"Well, I shouldn't really tell you this, but... no."


Please reply to the list;
please *don't* CC me.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

> >
> > But should your development be not protocol independent? If
> your
> > code works on http it should also work on https. I am getting
> sick of
> > these wordpress idiots where they still have hardcoded links
> everywhere
> > and I can't even convert a website from http to https.
> >
> >
> >
> > Are you saying that I am a wordpress idiot?
> >
>
> No :) Development/management team of wordpress are idiots. They are
> still advising people incorrectly to upgrade eg while distributions are
> backporting security stuff. A developer should just do developing. A
> dentist is also not telling an ophthalmologist what to do. Why do you
> care if you are using http or https? Unless you are developing something
> specific to the https protocol (eg. sni) forget about it.
>
>
>
> Marc, let's try to be friendly towards users and adopt a more neutral
> tone. New users have questions, and it's normal. Calling folks "idiots"
> isn't helping here.
>

And I am trying so hard to be part of the woke movement. 15 years ago people were not writing about gays. Maybe it takes another 15 years to be allowed to write about idiots. They already are officially mentioned in the dictionary. ;)


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

On Tuesday 16 April 2024 at 18:57:13, Marc wrote:

> 15 years ago people were not writing about gays.
>
> Maybe it takes another 15 years to be allowed to write about idiots.

Don't be silly.

Gay people identify themselves as gay, and talking about them as such is not a
pejorative term.

If you can find someone who identifies themselves as an idiot, then perhaps
you're allowed to refer to them as such, but if it's just your own opinion
that they're an idiot, you're being anti-social and unpleasant.

I think all Frank was trying to say was "please let's keep to the technical
support of people who are trying to use Apache, and stop throwing insults at
them, because it's not constructive to the conversation".


Antony.

--
Software development can be quick, high quality, or low cost.

The customer gets to pick any two out of three.

Please reply to the list;
please *don't* CC me.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

>
> On Tuesday 16 April 2024 at 18:42:09, Marc wrote:
>
> > This is more about the ability to host an application regardless if it
> is
> > on http or https. How https is enforced/applied is up to the manager of
> > the server, why would you even care as a developer of an application?
>
> I often develop applications on servers which I manage.

How is this relevant?

> Please stop trying to enforce your opinion of the demarcation between
> disciplines on other people.
>
> Not every developer is only a developer.
>

This is also not relevant to what I am stating. If you develop, do it regardless of http/https that is convenient for everyone. It will be to your own benefit. If you have to host the application on your own server, so be it. It will be easier with choosing your https solution. You could already be developing it now, and later you can check how to use openssl. Last thing you want, is an application that forces https or http.

???????????????????????????????????????????????????????????????????????F?V?7V'67&?&R?R???âW6W'2?V?7V'67&?&T?GGB?6?R??&p?f?"FF?F????6????G2?R???âW6W'2?V??GGB?6?R??&p

> This is also not relevant to what I am stating. If you develop, do it
> regardless of http/https that is convenient for everyone. It will be to
> your own benefit. If you have to host the application on your own server,
> so be it. It will be easier with choosing your https solution. You could
> already be developing it now, and later you can check how to use openssl.
> Last thing you want, is an application that forces https or http.
>


http is an insecure protocol. I don't want my website to run on http. So, I
am hardcoding https in links in my website that refer to pages in my
website.

Now, I know that you will write why not redirect http to https by default.
The problem with this is that if the website gets migrated to different
provider and if people forget to redirect http to https in new setup then
it will become a security problem.

Hardcoding https solves all issues.

I have always had issues with OpenSSL on Windows, so I gave up and started
using xca (https://hohnstaedt.de/xca/). I created a root certificate that I
imported into the Windows trust store and I create new certificates for
each website in my dev environment.

- Y

On Tue, Apr 16, 2024 at 9:26?PM General Email <
general.email.12341234@gmail.com> wrote:

>
> This is also not relevant to what I am stating. If you develop, do it
>> regardless of http/https that is convenient for everyone. It will be to
>> your own benefit. If you have to host the application on your own server,
>> so be it. It will be easier with choosing your https solution. You could
>> already be developing it now, and later you can check how to use openssl.
>> Last thing you want, is an application that forces https or http.
>>
>
>
> http is an insecure protocol. I don't want my website to run on http. So,
> I am hardcoding https in links in my website that refer to pages in my
> website.
>
> Now, I know that you will write why not redirect http to https by default.
> The problem with this is that if the website gets migrated to different
> provider and if people forget to redirect http to https in new setup then
> it will become a security problem.
>
> Hardcoding https solves all issues.
>
>
>

>
> http is an insecure protocol. I don't want my website to run on
> http. So, I am hardcoding https in links in my website that refer to
> pages in my website.
>
>
> Now, I know that you will write why not redirect http to https by
> default.

No because that is not relevant to me and what I would like to address. I am even deploying https on tasks in private air-gapped environments. This is not a discussion about whether or not https should be used and when.


> The problem with this is that if the website gets migrated to
> different provider and if people forget to redirect http to https in new
> setup then it will become a security problem.

I know there are many idiots out there and your concern is very valid. Most of the security breaches you read about is about such issues.
However, can you imagine the apache dev team thinking like you? Hard coding everything to https? Can you imagine all http ports of tomcat, httpd, jboss etc. being dropped? These people have been making rock solid applications for decades they don't lecture others how to use or not use https.
You will never match them in any way, why not follow their lead?


> Hardcoding https solves all issues.
>

A few years back I had an argument with apple developers. They were having in the build process of the calendar server openssl. The developers thought for security purposes it would be better to include it in the build. This resulted in that calenderservers were always having an old insecure openssl, because the openssl updated by the distribution was not used. (and nobody is going to build the application frequently) This is what happens when application developers think they are security geniuses.

The point I am trying to make is that you as an application developer should be focussed on developing your application it is not your business how this application is hosted. You should not concern yourself with things you are not experienced in/with. Especially when it comes to something as crucial as security. You are not removing ca certs from the trust store, your are not setting secure ciphers, you are not setting limits on key sizes etc. Why would you then even bother with https or http?

With your argument you might as well hard code the domain name in your application (like wordpress) and hardcode root name servers etc.
If you buy an egg in the store, it does not come with any requirement that it should be used only for making cakes. Grasp this concept.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

On Wed, Apr 17, 2024, 1:17?PM Marc <Marc@f1-outsourcing.eu> wrote:

>
> >
> > http is an insecure protocol. I don't want my website to run on
> > http. So, I am hardcoding https in links in my website that refer to
> > pages in my website.
> >
> >
> > Now, I know that you will write why not redirect http to https by
> > default.
>
> No because that is not relevant to me and what I would like to address. I
> am even deploying https on tasks in private air-gapped environments. This
> is not a discussion about whether or not https should be used and when.
>
>
> > The problem with this is that if the website gets migrated to
> > different provider and if people forget to redirect http to https in new
> > setup then it will become a security problem.
>
> I know there are many idiots out there and your concern is very valid.
> Most of the security breaches you read about is about such issues.
> However, can you imagine the apache dev team thinking like you? Hard
> coding everything to https? Can you imagine all http ports of tomcat,
> httpd, jboss etc. being dropped? These people have been making rock solid
> applications for decades they don't lecture others how to use or not use
> https.
> You will never match them in any way, why not follow their lead?
>
>
> > Hardcoding https solves all issues.
> >
>
> A few years back I had an argument with apple developers. They were having
> in the build process of the calendar server openssl. The developers thought
> for security purposes it would be better to include it in the build. This
> resulted in that calenderservers were always having an old insecure
> openssl, because the openssl updated by the distribution was not used. (and
> nobody is going to build the application frequently) This is what happens
> when application developers think they are security geniuses.
>
> The point I am trying to make is that you as an application developer
> should be focussed on developing your application it is not your business
> how this application is hosted. You should not concern yourself with things
> you are not experienced in/with. Especially when it comes to something as
> crucial as security. You are not removing ca certs from the trust store,
> your are not setting secure ciphers, you are not setting limits on key
> sizes etc. Why would you then even bother with https or http?
>
> With your argument you might as well hard code the domain name in your
> application (like wordpress) and hardcode root name servers etc.
> If you buy an egg in the store, it does not come with any requirement that
> it should be used only for making cakes. Grasp this concept.
>


Marc,

I don't know what you are trying to prove by your points + you are
insulting people for no reason.

If you insult people, they may insult you back.

Russia attacked Ukraine and Ukraine/NATO hit Russia back.

The original discussion was about openssl commands and I think that since
you don't know openssl commands, you should not have said anything.

Let other people do what they want to do. If they want to hardcode
something, why are you bothered.

I will hard code https, its my choice. It has nothing to do with you.

Now, you are saying to hard code root name servers, etc. which doesn't make
sense.

You are taking this discussion in all sorts of directions and I don't know
what you want to prove.

If you want to prove that you are a very smart person and other people are
fools then for that you need to play chess with all other people and win
all the games. You can invite wordpress idiots to play chess with you and
then if you win then probably you can tell that person that he/she is an
idiot.

There are many people in this world who are very smart but they don't say
that other people are fools - for example, Steve Wozniak, Larry Page,
Knuth, etc.

If people are asking for advice on PHP then advise them on PHP or don't say
anything. Don't start advising them about Java.

By the way, if you insult me, I will insult you back.

GE

> I don't know what you are trying to prove by your points + you are
> insulting people for no reason.

I am insulting no one, mostly stating what is common.


> If you insult people, they may insult you back.
>
> Russia attacked Ukraine and Ukraine/NATO hit Russia back.

I think you are the only one on this planet that would dare to summarize this conflict like this. But it proves my point, stick just to what you know, with development.


> The original discussion was about openssl commands and I think that since
> you don't know openssl commands, you should not have said anything.
>

You wrote it was for a local development environment. I just thought why bother with the openssl? Obviously I should not have made assumptions. You could also be cryptographer working on mod_ssl.


> Let other people do what they want to do. If they want to hardcode
> something, why are you bothered.

I am just pointing out there multiple roads that lead to Rome. Some of which are known to be less troublesome than others. If you get stuck on some dirt track to Rome, others will be required to come and help.


> I will hard code https, its my choice. It has nothing to do with you.
>

Obviously, I am just stating it is not really what most experienced professionals do.


> Now, you are saying to hard code root name servers, etc. which doesn't
> make sense.

Because you do not know about it. That is the point I am trying to make. Just separate it from application development.


> You are taking this discussion in all sorts of directions and I don't
> know what you want to prove.

Really? I thought I made my point numerous times.


> If people are asking for advice on PHP then advise them on PHP or don't say anything.
> Don't start advising them about Java.

Please... I am not even making remarks about you asking openssl questions at httpd.


>
> By the way, if you insult me, I will insult you back.
>

I think most people will understand that I try to make you see the difference between developing an application and how it is hosted/used what ever, operate within your area of expertise.

B?KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB??[??X???X?KK[XZ[?\?\??][??X???X?P?\X?K???B???Y][?[??[X[??K[XZ[?\?\??Z[?\X?K???B

>
> > If people are asking for advice on PHP then advise them on PHP or don't
> say anything.
> > Don't start advising them about Java.
>
> Please... I am not even making remarks about you asking openssl questions
> at httpd.
>


So, is this wrong forum for asking about openssl commands required for
generating certificates for enabling https on apache?

I can easily look at openssl website or other websites and look how to
create self signed certificates. However, I was not sure if that would work
on apache. That's why I asked here.

Most of the websites showed how to generate .pem certificates, but after
reading about ssl/https on apache website, I saw that apache requires .crt
certificates.

Obviously, I can figure out this whole thing if I read whole openssl manual
and apache ssl configs, etc. but I don't want to invest time in that and I
was looking for a quick solution and that's why I posted here.



> I think most people will understand that I try to make you see the
> difference between developing an application and how it is hosted/used what
> ever, operate within your area of expertise.
>

I know this and I told you that I want to hard code https. Now, please tell
me how can my idea go wrong?

Please don't tell me how other people's unrelated ideas went wrong.

Let's have a meaningful discussion.

I don't work for any company.

I do freelancing. I am doing this project for a real estate client. So, its
only me who will do everything and decide everything - development,
testing, maintenance hosting, hard coding, migration, https, ssl, etc.

I would really like to know how my idea of hardcoding https can go wrong?

On Wed, Apr 17, 2024, 3:27?PM General Email <
general.email.12341234@gmail.com> wrote:

>
>
>> > If people are asking for advice on PHP then advise them on PHP or don't
>> say anything.
>> > Don't start advising them about Java.
>>
>> Please... I am not even making remarks about you asking openssl questions
>> at httpd.
>>
>
>
> So, is this wrong forum for asking about openssl commands required for
> generating certificates for enabling https on apache?
>
> I can easily look at openssl website or other websites and look how to
> create self signed certificates. However, I was not sure if that would work
> on apache. That's why I asked here.
>
> Most of the websites showed how to generate .pem certificates, but after
> reading about ssl/https on apache website, I saw that apache requires .crt
> certificates.
>
> Obviously, I can figure out this whole thing if I read whole openssl
> manual and apache ssl configs, etc. but I don't want to invest time in that
> and I was looking for a quick solution and that's why I posted here.
>
>
>
>> I think most people will understand that I try to make you see the
>> difference between developing an application and how it is hosted/used what
>> ever, operate within your area of expertise.
>>
>
> I know this and I told you that I want to hard code https. Now, please
> tell me how can my idea go wrong?
>
> Please don't tell me how other people's unrelated ideas went wrong.
>
> Let's have a meaningful discussion.
>
> I don't work for any company.
>
> I do freelancing. I am doing this project for a real estate client. So,
> its only me who will do everything and decide everything - development,
> testing, maintenance hosting, hard coding, migration, https, ssl, etc.
>
> I would really like to know how my idea of hardcoding https can go wrong?
>

Anyways, I looked more on google and I think that I have found what I was
looking for on this page:
https://gist.github.com/taoyuan/39d9bc24bafc8cc45663683eae36eb1a

>
> So, is this wrong forum for asking about openssl commands required
> for generating certificates for enabling https on apache?
>

Mostly you will be notified. The only thing you need to add to your virtual host for https is this:

SSLEngine on
SSLCertificateFile
SSLCertificateChainFile
SSLCertificateKeyFile

It really does not matter how keys / crts have been generated. Just choose something that is quick and easy.

>
> Most of the websites showed how to generate .pem certificates, but
> after reading about ssl/https on apache website, I saw that apache
> requires .crt certificates.

pem, crt, cer check if they start like this

-----BEGIN CERTIFICATE-----

check apache log file for start up errors.

> Obviously, I can figure out this whole thing if I read whole
> openssl manual and apache ssl configs, etc. but I don't want to invest
> time in that and I was looking for a quick solution and that's why I
> posted here.
>

Just choose a tool that can quickly generate key and crt. Does not matter which tool. Someone send you already reply to something.


> I would really like to know how my idea of hardcoding https can go
> wrong?
>

It can be anything, it is just unexpected application behaviour to someone who might work with it in the future. Maybe internal health check url? Cron? Debugging? Personally I find it sometimes annoying with testing container images. In my own development environment I am constantly switching between development and production certs.

I would always opt for having this at least configured as an option.

>
> Anyways, I looked more on google and I think that I have found what I was
> looking for on this page:
> https://gist.github.com/taoyuan/39d9bc24bafc8cc45663683eae36eb1a
>

Forget about going specific for openssl, it is just a tool. Choose the simplest solution for your development environment. If you are doing hosting yourself. Your going to end up with automated certs on your hosting environment any way, you will never see an openssl command.




B?KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB??[??X???X?KK[XZ[?\?\??][??X???X?P?\X?K???B???Y][?[??[X[??K[XZ[?\?\??Z[?\X?K???B