Okay. Got it up and running on a local Radio install. Couldn't be easier.

At first, when I read that the script would generate the CSR, I assumed you meant that it would write to the file system the necessary files. Your way is so much better!

For MacOS X users who have Apache running on port 80, the hyperlink in the text to https://127.0.0.1/ will not work. Putting in the URL where the service is actually located does (https://127.0.0.:4443/, depending on whether or not you turned on port forwarding).

Whether one can browse the site with an invalid certificate seems to depend on which browser on is using. Internet Explorer 5.1 on OS X throws an error dialog and does NOT allow you to browse the site.

Mozilla 0.99 for OS X (soon to be 1.0, I hope) gave a dialog, but it can be dismissed the the site accessed.

OmniWeb 4.1 sneek peak didn't even throw a dialog and just displayed the page.

As an aside, I just bought a Sharp Zaurus 5500. Linux + Java PDA. In comes with Opera 5.0 (which is what sold me on it), which supports.....TLS 1.0!