SSL Keys and Certificates via Rexx

The package was created by Z. Wagner - Ice Bear Soft,

SSL module for Apache requires a certificate. The scripts for making a certificate, creating a certification authority and signing certificates are included neither in the distribution of Apache with mod_ssl for OS/2 nor in the version of OpenSSL compiled for OS/2. The user is thus required to obtain the complete distribution of OpenSSL. Moreover, the scripts require UNIX-like shell or Perl and UNIX-like utilities. The user may not have them installed. For these reasons I decided to implement the functions by means of native OS/2 programs. The Rexx programs presented here can generate a server key, create a certificate signing request, establish a certification authority and sign keys.

The programs were created exactly according to the documentation. In fact, most of them was copied from the FAQ and the signing script was directly translated from

This document is also included in the package, it is not necessary to save it.

You can also download a modified package with some improvements and more detailed documentation which was kindly contributed by Michael Warmuth.


The programs from this package may be used and distributed under the terms of GNU General Public License. See COPYING for the text of the license.

The package is signed with PGP 2.6.3 and 5.0. My public keys are included or may also be found in key servers.


The package requires OpenSSL compiled for OS/2. You will also need Apache with mod_ssl. Both these programs can be downloaded from Be sure that openssl.exe resides in a directory listed in PATH. You must also have Rexx installed. If you do not have it in your system, install it by Selective Install.

The programs rely on files with long names which may or may not be case sensitive. Be sure that you run these programs on a file system supporting long file names such as HPFS or EXT2. Specifically passchg.cmd and decrypt.cmd will destroy the key if it is run on FAT.

Usage description