You can generate a CA certificate file using `openssl req` command. This will
be basically self signed certificate.
Example:
openssl req -new -newkey rsa:1024 -md5 -x509 -keyout cakey.pem -out
cacert.pem
Then generate the client or server certificate using cacert.pem and cakey.pem
files.
Regards,
Damitha.
Sejin Choi wrote:
> Hi, Lutz.
> Thanks for you advice.
> But what I wanted to know was how to generate a CA file which is the second
> argument for the SSL_CTX_load_verify_locations you mentioned.
> Could you please help me on this?
> Thanks in advance.
>
> /Best regards,
> Sejin
>
> Lutz Jaenicke wrote:
>
> > On Mon, Jul 16, 2001 at 03:40:42PM -0700, Sejin Choi wrote:
> > > Hi. all.
> > > I'm trying to use my local CA list to validate clients.
> > > I'm having a hard time to find out how to generate a CA list for my ssl
> > > server code.
> >
> > I am not sure whether I completely understand your problem.
> > I can therefore only give you the standard advice. Use
> > man SSL_CTX_load_verify_locations
> > as a starting point to learn more about CA certificate handling.
> >
> > Best regards,
> > Lutz
> > --
> > Lutz Jaenicke [EMAIL PROTECTED]
> > BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
> > Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
> > Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
> > ______________________________________________________________________
> > OpenSSL Project http://www.openssl.org
> > User Support Mailing List [EMAIL PROTECTED]
> > Automated List Manager [EMAIL PROTECTED]
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
