Hello everybody.
First of all I want you to know that I'm a beginner in CA stuff.
Thanks to modssl and opnessl docs I managed to install apache with ssl,
and created my own CA.
I created my own certificates for servers and clients.
I had no problem using them in IE4.0, Netscape 4.5, Apache 1.3.6,
Netscape Web Server, IIS 3.0 and 4.0.
I mean that I was abble to install them and make secure conection with
server authentication.
Problems started when I wanted to make also client authentication, using
my certificates.
At the end I did it for apache and netscape.
But not for IIS 3.0 or 4.0. The problem, I think, is that iis web server
does not recognize my CA as a trusted one.
I tried all that I found in IIS docs to install my CA like a trusted CA
and didn't work.
So first question: Does anybody konw how can I add (in IIS) a CA
certificate in the list of trusted CA for client authentication?
To create my onw certificate for CA, and create certificates for server
and client I used CA.sh script that comes with modssl/openssl, and
openssl.cnf. (in attach)
Second question : What do I need to add to openssl.cnf in order to have
a friendly name for my CA certificate ? Or what else can I do?
(for client certificates I use >pkcs12 ... -name " kkk" < when I
create a pkcs12 file which I can import in IE or Netscape)
Please help me.
thanks,
tudors.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tudor Sileam
openssl.cnf
CA.sh
