OpenBSD-4.6/usr.sbin/httpd/conf/ssl.crt/README.CRT

 This is the ssl.crt/ directory of Apache/mod_ssl
 where PEM-encoded X.509 Certificates for SSL are stored.

 Per default the following two files are provided:

 o server.crt:
   This is the server certificate for Apache/mod_ssl, configured with the
   SSLCertificateFile directive.  Per default this is a dummy file, but may be
   overwritten by the `make certificate' target under built-time.

 o snakeoil.crt:
   This is the _DEMONSTRATION ONLY_ `Snake Oil' dummy server certificate.
   NEVER USE THIS FOR REAL LIFE! INSTEAD USE A REAL CERTIFICATE!

 o snakeoil-ca.crt:
   This is the certificate of the _DEMONSTRATION ONLY_ `Snake Oil' Certificate
   Authority. This CA is used to sign the server.crt on `make certificate'
   because self-signed server certificates are not accepted by all browsers.
   NEVER USE THIS CA YOURSELF FOR REAL LIFE! INSTEAD EITHER USE A PUBLICALLY
   KNOWN CA OR CREATE YOUR OWN CA!

 o ca-bundle.crt:
   This is a bundle of CA root certificate for Apache/mod_ssl, configurable
   with the SSLCACertificateFile directive. Per default it's disabled but can
   be enabled for client authentication when the clients use certificates
   signed by one of the commonly known public Certificate Authorities.

 You can view the ingredients of a particular certificate file in plain text
 by running the command:

   $ openssl x509 -noout -text -in <name>.crt