I wanted to install OpenCA to solve a particular problem. I want to be able to sign digital certificate requests, and don't want to pay Verisign or Thawte to sign certificates for what will be an internal use only application. I tried doing this with openssl as follows:
I ran the following command on the CA server: phatbsd# openssl x509 -req -days 365 -in /home/torzillo/home.csr -CA /etc/ssl/ca.crt \ -CAkey /etc/ssl/private/ca.key -CAcreateserial \ -out /home/torzillo/home.crt Note that I ran this command and it did not generate any error messages. However, when I went to look in the directory /home/torzillo, the file home.crt did not exist. phatbsd# ls .cshrc .login .mailrc .profile .rhosts home.csr I am using OpenBSD 3.0, with OpenSSL 0.9.6b [engine] 9 Jul 2001. I tried installing OpenCA version 0.8.1 and had some problems getting it to compile on OpenBSD. I'd like to know if anyone has successfully compiled OpenCA 0.8.1 on OpenBSD 3.0 and if so if you have any tips for helping me to get it to compile. If there is another operating system that I could use (Redhat Linux?) then I am perfectly willing to build another system and try that to get this to work. I'm at my wits end with trying to get this installed, and was hoping someone could take pity on me and give me some pointers. My other question is fairly basic - can I accomplish what I am trying to do with openssl without even installing OpenCA? I feel like I am using a nuclear flyswatter. I was thinking about upgrading to OpenSSL 0.9.6c, and using the ca.pl script for this. I would however like to use OpenCA if possible, because I like the idea of being able to use the CGI scripts to do this with a web UI. Thanks, Tony _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
