差分
このページの2つのバージョン間の差分を表示します。
両方とも前のリビジョン 前のリビジョン 次のリビジョン | 前のリビジョン | ||
mac:mac_os_x_v10.6でsubversionリポジトリのパスベース認証を行う [2011-05-29 23:57] Decomo [公開鍵の生成] |
mac:mac_os_x_v10.6でsubversionリポジトリのパスベース認証を行う [2013-07-24 11:21] Decomo [参考サイト] |
||
---|---|---|---|
行 55: | 行 55: | ||
Require valid-user | Require valid-user | ||
AuthType Basic # ベーシック認証を使う | AuthType Basic # ベーシック認証を使う | ||
+ | AuthName " | ||
AuthUserFile / | AuthUserFile / | ||
AuthzSVNAccessFile / | AuthzSVNAccessFile / | ||
行 104: | 行 105: | ||
# openssl genrsa -aes256 2048 > server.key | # openssl genrsa -aes256 2048 > server.key | ||
Generating RSA private key, 2048 bit long modulus | Generating RSA private key, 2048 bit long modulus | ||
- | ............................+++ | + | ..................................................................................................+++ |
- | ..................................+++ | + | ..............+++ |
e is 65537 (0x10001) | e is 65537 (0x10001) | ||
- | Enter pass phrase:(パスワード) | + | Enter pass phrase: |
Verifying - Enter pass phrase: | Verifying - Enter pass phrase: | ||
- | </ | ||
- | |||
- | 上記方法で生成したキーだとApacheの起動時にパスワードの入力を求められるらしいが、Mac OS Xだと何それ美味しいの状態なのでパスワードを解除しておく。 | ||
- | < | ||
- | # mv server.key server.bak | ||
- | # openssl rsa -in server.key.bak > server.key | ||
- | Enter pass phrase for server.key.back: | ||
- | writing RSA key | ||
</ | </ | ||
==== 公開鍵の生成 ==== | ==== 公開鍵の生成 ==== | ||
< | < | ||
- | # openssl req -new -key server.key > server.csr | + | # openssl req -new -key server.key > |
Enter pass phrase for server.key: | Enter pass phrase for server.key: | ||
You are about to be asked to enter information that will be incorporated | You are about to be asked to enter information that will be incorporated | ||
行 135: | 行 128: | ||
Organization Name (eg, company) [Internet Widgits Pty Ltd]: | Organization Name (eg, company) [Internet Widgits Pty Ltd]: | ||
Organizational Unit Name (eg, section) []:CA | Organizational Unit Name (eg, section) []:CA | ||
- | Common Name (eg, YOUR name) []:mysvn.info(サーバのIPアドレスもしくはドメイン名) | + | Common Name (eg, YOUR name) []:ホスト名 |
Email Address []: | Email Address []: | ||
Please enter the following ' | Please enter the following ' | ||
to be sent with your certificate request | to be sent with your certificate request | ||
- | A challenge password []:(パスワード) | + | A challenge password []: 空白 |
- | An optional company name []:(特に指定しない) | + | An optional company name []: 空白 |
+ | </ | ||
- | # openssl x509 -in server.csr -out server.crt | + | ==== 自己証明書の生成 ==== |
+ | < | ||
+ | # # openssl x509 -in server.csr -days 3650 -req -signkey server.key | ||
Signature ok | Signature ok | ||
subject=/ | subject=/ | ||
Getting Private key | Getting Private key | ||
+ | Enter pass phrase for server.key: | ||
+ | </ | ||
+ | |||
+ | ==== 秘密鍵のパスワードの解除 ==== | ||
+ | 上記方法で生成したキーだとApacheの起動時にパスワードの入力を求められるらしいが、Mac OS Xだと何それ美味しいの状態なのでパスワードを解除しておく。 | ||
+ | < | ||
+ | # mv server.key server.key.bak | ||
+ | # openssl rsa -in server.key.bak -out server.key | ||
+ | Enter pass phrase for server.key.bak: | ||
+ | writing RSA key | ||
+ | </ | ||
+ | |||
+ | ==== subversion.confの編集==== | ||
+ | subversion.conf.incにリネームし、< | ||
+ | < | ||
+ | # mv subversion.conf subversion.conf.inc | ||
+ | # emacs subversion.conf.inc | ||
+ | < | ||
+ | < | ||
+ | |||
+ | < | ||
+ | DAV svn | ||
+ | SVNListParentPath on | ||
+ | SVNParentPath / | ||
+ | SSLRequireSSL | ||
+ | Satisfy Any # 匿名ユーザーを許可 | ||
+ | Require valid-user | ||
+ | AuthType Basic # ベーシック認証を使う | ||
+ | AuthName " | ||
+ | AuthUserFile / | ||
+ | AuthzSVNAccessFile / | ||
+ | </ | ||
+ | |||
+ | </ | ||
+ | </ | ||
</ | </ | ||
==== mod_sslの設定 ==== | ==== mod_sslの設定 ==== | ||
/ | / | ||
- | |||
- | また、先ほど作成したsubversion.confをsubversion.conf.incにリネームしておく。 | ||
< | < | ||
行 208: | 行 237: | ||
===== 参考サイト ===== | ===== 参考サイト ===== | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
* [[http:// | * [[http:// | ||
* [[http:// | * [[http:// | ||
* [[http:// | * [[http:// | ||
* [[http:// | * [[http:// | ||
+ | |||
+ | ~~DISCUSSION~~ |