Andrew Griffin wrote:
>
> Hi,
>
> I've been trying to create my own Certificate Authority for testing
> purposes. I have created everything I need in oder to run the sign.sh
> script, however I do not have this script and can't figure out what
> parameters I need to pass to openssl ca. Can anyone shed some light on
> this.
>
> I have created a server key, agserver.key
> a server csr file agserver.csr
> a CA key agca.key
> and a CA crt file agca.crt.
>
Well I wasn't going to mention this just yet but...
I said some time ago that I was working on some documentation for the
openssl command. Well I've got the main commands done including the "big
three" (ca, x509 and req). It doesn't currently include the "even bigger
one" i.e. pkcs12 but thats documented elsewhere.
The docs are currenly in POD format and look like Unix man pages: I'll
add them to them CVS tree in the next few days. Anyone that wants to
reformat them, make them look pretty, correct horrible grammar and
spelling should feel free to do so. I was more interested in getting the
basic info documented than anything else.
I also learnt quite a few things I didn't know usually on the grounds of
"it doesn't *really* do that does it?" :-)
In the meantime the scripts CA.pl and CA.sh call 'ca' with the right
arguments and theres some examples in my PKCS#12 FAQ (see homepage)
about how to use them.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
