readme.txt file describing how the SSL files where generated. Basically, steps 1 and 2 as described in http://www.vanemery.com/Linux/Apache/apache-SSL.html were followed to finally generate a server key and a self-signed server certificate. There are many other ways to arrive at the same results, and many more options. *** dhparam.pem *** this file contains the Diffie-Hellman parameters. it was generated as follows: openssl dhparam -out /Users/sven/darcs/s-http-server/rsrc/dhparam.pem 1024 its contents can be viewed as follows: openssl dhparam -in /Users/sven/darcs/s-http-server/rsrc/dhparam.pem -text Diffie-Hellman-Parameters: (1024 bit) prime: 00:d7:16:bf:07:37:ff:46:f1:98:b3:11:61:b4:b5: 91:35:14:7b:a7:af:ec:c3:87:f4:cb:ba:34:ea:c3: f2:3f:01:43:0d:e9:b2:4f:e3:0e:1d:87:4a:de:33: c6:65:07:71:a5:ba:6a:18:c9:1b:4b:91:2c:f9:2f: aa:c5:12:f2:4c:63:bc:82:8f:15:c1:7e:40:d5:0e: 93:5b:29:45:35:88:b3:61:27:1b:51:2d:07:91:52: dd:ba:ff:a1:9e:0d:68:c1:b5:e7:8c:23:c4:52:d0: 2c:0a:ba:f1:80:57:d1:6f:62:92:79:41:b7:4b:d9: a3:f7:73:8e:d0:7a:26:a0:f3 generator: 2 (0x2) -----BEGIN DH PARAMETERS----- MIGHAoGBANcWvwc3/0bxmLMRYbS1kTUUe6ev7MOH9Mu6NOrD8j8BQw3psk/jDh2H St4zxmUHcaW6ahjJG0uRLPkvqsUS8kxjvIKPFcF+QNUOk1spRTWIs2EnG1EtB5FS 3br/oZ4NaMG154wjxFLQLAq68YBX0W9iknlBt0vZo/dzjtB6JqDzAgEC -----END DH PARAMETERS----- *** test-server.key *** this file contains the RSA private key. it was generated as follows: openssl genrsa -des3 -out test-server.key 1024 its contents can be viewed as follows (publishing this info reveals the key ;-): openssl rsa -in test-server.key -text Enter pass phrase for test-server.key: Private-Key: (1024 bit) modulus: 00:e6:1d:b6:28:ec:b9:b9:60:83:fb:6b:08:11:be: 37:60:d3:3b:63:df:3d:6d:52:57:df:5b:40:25:d0: 11:a3:ab:9f:d1:44:99:53:66:e7:d3:48:a9:16:f2: f2:60:f4:53:06:57:12:50:33:93:00:d1:0e:30:cb: a1:4c:a8:20:27:7f:a2:1c:ec:27:d2:f5:01:d2:b7: e2:53:a5:44:68:7a:bb:58:16:34:c2:e3:b7:dc:34: b7:9f:11:8d:05:bc:c4:a2:68:0d:d3:48:52:0b:1a: ba:db:c4:c5:3a:70:48:a4:d7:cb:bf:2b:af:6e:82: c9:5e:97:68:a2:72:4c:36:cb publicExponent: 65537 (0x10001) privateExponent: 57:a1:46:e6:2c:c7:c9:25:4c:fd:68:53:e9:55:d3: 86:e6:c9:be:0d:9c:39:ce:5a:b2:2e:f0:ad:b5:9f: 92:01:60:59:f3:d2:a3:a5:13:71:2d:41:5f:00:e3: 76:32:74:8f:7c:86:f7:cd:bc:14:5a:88:19:e2:e1: a8:ec:79:59:78:60:4b:66:14:ef:5e:20:0d:a7:0f: e7:2c:f6:5b:79:89:db:80:fc:4d:e5:92:28:24:7f: b2:8d:4f:2d:83:fd:19:07:cd:38:53:67:40:16:87: f6:86:6c:59:1d:59:21:37:5d:1f:51:4f:d5:35:9b: 6e:48:a5:92:38:90:c9:11 prime1: 00:f9:39:ce:85:00:ca:63:a0:62:29:ae:99:f9:06: ac:98:42:2f:8b:c6:4d:6f:c4:a8:0e:f4:71:95:6d: 36:f4:38:b7:7d:34:66:4e:d1:b7:61:9c:0b:ca:3a: eb:28:49:51:7a:42:ff:87:d4:41:34:d5:50:54:24: b1:6a:5e:a3:e9 prime2: 00:ec:5e:ee:de:a1:4c:ca:75:c8:69:37:b1:4b:30: 28:98:a2:a6:6c:95:6d:c5:6f:a9:a1:bf:89:23:07: 75:38:e1:c8:c0:0d:46:d9:cf:3b:ea:d9:50:f9:8e: 8d:03:cd:52:f8:73:ae:c3:04:70:28:c8:88:9d:78: fc:33:3c:58:93 exponent1: 0f:49:90:75:70:1a:fa:09:78:7b:fe:0d:cb:cc:b1: 01:95:ed:bc:b1:29:46:d5:d5:49:35:8d:52:11:24: f1:ce:18:d3:41:47:95:46:1f:ed:88:d8:e0:4a:c4: e9:ef:b5:63:be:80:56:20:9a:ef:56:b6:5a:b2:f5: 7f:04:d7:21 exponent2: 00:d4:e3:43:dc:fc:05:ff:ab:49:8f:8a:7b:82:2e: a3:c1:a5:6c:a3:0b:8a:cc:72:1f:a3:f0:b0:80:fe: 2c:93:c8:b7:58:52:1c:e7:fb:80:09:ab:25:05:3f: 60:be:75:e5:2e:a4:72:58:6e:dc:dd:be:8f:5c:d5: 24:c0:b8:af:45 coefficient: 00:d4:11:23:a9:ba:18:76:67:a1:6e:3b:74:d7:e8: 19:40:45:de:f3:87:65:74:df:1c:12:c8:ca:24:6f: 69:8d:9a:0e:07:14:95:ec:af:de:65:4f:04:1c:8f: 2e:94:48:88:8a:88:7b:6c:69:ce:5a:ba:5a:11:f6: 9c:de:34:cb:28 writing RSA key -----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQDmHbYo7Lm5YIP7awgRvjdg0ztj3z1tUlffW0Al0BGjq5/RRJlT ZufTSKkW8vJg9FMGVxJQM5MA0Q4wy6FMqCAnf6Ic7CfS9QHSt+JTpURoertYFjTC 47fcNLefEY0FvMSiaA3TSFILGrrbxMU6cEik18u/K69ugslel2iickw2ywIDAQAB AoGAV6FG5izHySVM/WhT6VXThubJvg2cOc5asi7wrbWfkgFgWfPSo6UTcS1BXwDj djJ0j3yG9828FFqIGeLhqOx5WXhgS2YU714gDacP5yz2W3mJ24D8TeWSKCR/so1P LYP9GQfNOFNnQBaH9oZsWR1ZITddH1FP1TWbbkilkjiQyRECQQD5Oc6FAMpjoGIp rpn5BqyYQi+Lxk1vxKgO9HGVbTb0OLd9NGZO0bdhnAvKOusoSVF6Qv+H1EE01VBU JLFqXqPpAkEA7F7u3qFMynXIaTexSzAomKKmbJVtxW+pob+JIwd1OOHIwA1G2c87 6tlQ+Y6NA81S+HOuwwRwKMiInXj8MzxYkwJAD0mQdXAa+gl4e/4Ny8yxAZXtvLEp RtXVSTWNUhEk8c4Y00FHlUYf7YjY4ErE6e+1Y76AViCa71a2WrL1fwTXIQJBANTj Q9z8Bf+rSY+Ke4Iuo8GlbKMLisxyH6PwsID+LJPIt1hSHOf7gAmrJQU/YL515S6k clhu3N2+j1zVJMC4r0UCQQDUESOpuhh2Z6FuO3TX6BlARd7zh2V03xwSyMokb2mN mg4HFJXsr95lTwQcjy6USIiKiHtsac5auloR9pzeNMso -----END RSA PRIVATE KEY----- *** test-server.crt *** this file contains the self-signed certificate. it was generated as follows: (first setup a - dummy - certification authority) openssl genrsa -des3 -out my-ca.key 2048 openssl req -new -x509 -days 3650 -key my-ca.key -out my-ca.crt [openssl x509 -in my-ca.crt -text -noout] (next generate a request and have it signed by the certification authority) openssl req -new -key test-server.key -out test-server.csr openssl x509 -req -in test-server.csr -out test-server.crt -sha1 -CA my-ca.crt -CAkey my-ca.key -CAcreateserial -days 3650 its contents can be viewed as follows: openssl x509 -in test-server.crt -text Certificate: Data: Version: 1 (0x0) Serial Number: c6:0e:6a:7a:39:e1:45:9f Signature Algorithm: sha1WithRSAEncryption Issuer: C=BE, ST=Flanders, L=Hasselt, O=Beta Nine BVBA, OU=software engineering, CN=Sven Van Caekenberghe/emailAddress=sven@beta9.be Validity Not Before: Apr 7 14:17:34 2006 GMT Not After : Apr 4 14:17:34 2016 GMT Subject: C=BE, ST=Flanders, L=Hasselt, O=Beta Nine BVBA, OU=software engineering, CN=localhost/emailAddress=sven@beta9.be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:e6:1d:b6:28:ec:b9:b9:60:83:fb:6b:08:11:be: 37:60:d3:3b:63:df:3d:6d:52:57:df:5b:40:25:d0: 11:a3:ab:9f:d1:44:99:53:66:e7:d3:48:a9:16:f2: f2:60:f4:53:06:57:12:50:33:93:00:d1:0e:30:cb: a1:4c:a8:20:27:7f:a2:1c:ec:27:d2:f5:01:d2:b7: e2:53:a5:44:68:7a:bb:58:16:34:c2:e3:b7:dc:34: b7:9f:11:8d:05:bc:c4:a2:68:0d:d3:48:52:0b:1a: ba:db:c4:c5:3a:70:48:a4:d7:cb:bf:2b:af:6e:82: c9:5e:97:68:a2:72:4c:36:cb Exponent: 65537 (0x10001) Signature Algorithm: sha1WithRSAEncryption 76:2e:dc:b5:bd:42:8d:4f:ea:6a:83:ad:89:57:ae:a1:a2:a5: 66:49:4a:41:c6:14:fd:e6:1f:e9:d6:c8:89:1c:4c:e1:e3:41: 7d:74:2c:3f:95:59:f5:9c:97:70:a7:e9:be:87:25:b0:b6:48: 14:59:48:3f:87:28:42:f2:fe:4b:cf:5d:08:20:7c:86:1b:ef: d0:b2:70:16:13:28:b6:f0:c8:3c:56:f7:4f:01:be:c6:6b:c1: b3:c1:c1:26:6e:d8:a5:1f:12:8d:2a:fb:18:cb:38:4a:7f:30: 98:69:ac:81:fb:e7:99:e2:4d:ed:f6:b6:0e:97:01:19:55:5c: 3d:b3:fe:fc:5c:de:cd:01:dd:fd:e6:36:67:25:f5:81:82:7d: ca:35:6b:92:8b:68:dc:0c:9f:b3:ef:88:c9:e4:9b:bd:02:0f: 53:e4:43:58:12:7e:05:05:22:2b:c8:47:e1:bd:dd:7e:df:ce: 51:d5:b3:df:64:ab:a2:8f:8b:f0:2a:58:b4:9d:7f:5d:ca:33: bc:64:02:a7:87:da:86:56:8a:cd:91:5d:a2:c9:17:f1:38:69: 79:d0:b8:23:fb:06:70:1b:0f:28:73:22:4e:6f:c7:c7:20:69: 55:98:07:3b:b0:91:a2:df:34:5c:78:8c:6f:d9:e6:68:de:6a: cd:56:9c:87 -----BEGIN CERTIFICATE----- MIIDPjCCAiYCCQDGDmp6OeFFnzANBgkqhkiG9w0BAQUFADCBqDELMAkGA1UEBhMC QkUxETAPBgNVBAgTCEZsYW5kZXJzMRAwDgYDVQQHEwdIYXNzZWx0MRcwFQYDVQQK Ew5CZXRhIE5pbmUgQlZCQTEdMBsGA1UECxMUc29mdHdhcmUgZW5naW5lZXJpbmcx HjAcBgNVBAMTFVN2ZW4gVmFuIENhZWtlbmJlcmdoZTEcMBoGCSqGSIb3DQEJARYN c3ZlbkBiZXRhOS5iZTAeFw0wNjA0MDcxNDE3MzRaFw0xNjA0MDQxNDE3MzRaMIGc MQswCQYDVQQGEwJCRTERMA8GA1UECBMIRmxhbmRlcnMxEDAOBgNVBAcTB0hhc3Nl bHQxFzAVBgNVBAoTDkJldGEgTmluZSBCVkJBMR0wGwYDVQQLExRzb2Z0d2FyZSBl bmdpbmVlcmluZzESMBAGA1UEAxMJbG9jYWxob3N0MRwwGgYJKoZIhvcNAQkBFg1z dmVuQGJldGE5LmJlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDmHbYo7Lm5 YIP7awgRvjdg0ztj3z1tUlffW0Al0BGjq5/RRJlTZufTSKkW8vJg9FMGVxJQM5MA 0Q4wy6FMqCAnf6Ic7CfS9QHSt+JTpURoertYFjTC47fcNLefEY0FvMSiaA3TSFIL GrrbxMU6cEik18u/K69ugslel2iickw2ywIDAQABMA0GCSqGSIb3DQEBBQUAA4IB AQB2Lty1vUKNT+pqg62JV66hoqVmSUpBxhT95h/p1siJHEzh40F9dCw/lVn1nJdw p+m+hyWwtkgUWUg/hyhC8v5Lz10IIHyGG+/QsnAWEyi28Mg8VvdPAb7Ga8GzwcEm btilHxKNKvsYyzhKfzCYaayB++eZ4k3t9rYOlwEZVVw9s/78XN7NAd395jZnJfWB gn3KNWuSi2jcDJ+z74jJ5Ju9Ag9T5ENYEn4FBSIryEfhvd1+385R1bPfZKuij4vw Kli0nX9dyjO8ZAKnh9qGVorNkV2iyRfxOGl50Lgj+wZwGw8ocyJOb8fHIGlVmAc7 sJGi3zRceIxv2eZo3mrNVpyH -----END CERTIFICATE----- Note that the Lisp code uses the standard OpenSSL libraries so please refer to the appropriate OpenSSL documentation for more information.