OpenSSL users and developers, I have struggled with getting certificates in order on my servers, and I have seen others struggle with this too. It became necessary to do a proper job, so I decided I should write up what I had to learn as a HOWTO.
I would like to contribute this for posting on www.openssl.org. But first, I think someone who actually _knows_ what they are doing should review my document; preferably, several people. (Yesterday I couldn't spell SSL...) So here it is: http://www.binarytool.com/ssl-cert-HOWTO.txt Please, if you have the time, take a look through this and make sure I'm not telling lies or leading people into danger. Send me mail at the address below, as I'm not on the list. One specific thing I would like to be able to control on the non-CA certificates is the "Any Purpose CA : Yes" attribute; what do I put in the config file to change this to "No"? Thanks very much in advance for your input. Marcus Redivo The Binary Tool Foundry http://www.binarytool.com mailto:[EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
