> Franck Martin wrote: > > I have just written a little HOWTO, to be able to handle certificates. > I'm happy to receive comments and suggestions to improve it. >
An alternative location for the OpenSSL configuration file can be specified using the environment variable OPENSSL_CONF. The command to setup a new CA is CA.pl -newca . You should not use the root CA certificate in the server and you should not remove the protection on its private key. Instead you should create a separate request and certificate for the server, signed by the root CA. Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Gemplus: http://www.gemplus.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
