|
Am I using the wrong format, missing a step, or something
else? Thanks, -Bob ------------- I set up an openssl CA and
generated a CA cert by doing: $SSLDIR/bin/openssl req –new –x509 –keyout
${SSLDIR}/private/CAkey.pem \ -out ${SSLDIR}/private/CAcert.pem –config ${SSLDIR}/openssl.cnf I then try to upload CAcert.pem to
browser as mime-type “application/x-x509-ca-cert”. In the file download dialog box, I click
on open, then I get an error popup “This is an
invalid Security Certificate file”. I tried converting the certificate to DER format by doing: $SSLDIR/bin/openssl x509 –in
${SSLDIR}/private/CAcert.pem –inform PEM –outform DER –out ${SSLDIR}/private/CAcert.der … and I get the same error. I tried converting it to a pkcs12 keypair
like this: ${SSLDIR}/bin/openssl pkcs12
-export -in ${SSLDIR}/private/CAcert.pem -inkey ${SSLDIR}/private/CAkey.pem
–out ${SSLDIR}/private/pkcs12.pem … but, again, the same error. The CAcert.PEM looks like this: ../bin/openssl x509 -in CAcert.pem -inform PEM –text Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, ST=
Validity
Not Before:
Not After :
Subject: C=US, ST=
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:ba:d3:5c:77:3e:2b:c3:2e:46:e0:ed:72:e3:2d:
bf:3f:7b:5f:27:45:30:cf:99:2f:20:f8:d5:2e:b1:
ca:90:d7:56:a1:c9:c5:3c:72:40:c8:e9:ea:57:db:
5a:c7:16:91:32:86:23:64:39:35:84:d9:55:fd:5e:
64:2c:53:93:5d:70:47:52:1f:d5:4d:e7:f3:d8:0a:
f2:4f:e3:8b:84:dc:90:f9:d8:75:68:ca:06:a0:8e:
5f:d8:9e:c0:17:0a:e2:18:62:15:e4:9b:d5:20:5c:
fc:82:ec:ed:62:d2:ae:81:96:ae:8b:dc:a6:e9:71:
eb:9f:97:b8:11:63:d5:84:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:
X509v3 Authority Key Identifier:
keyid:54:
DirName:/C=US/ST=Massachusetts/L=Burlington/O=Bluesocket,
Inc/OU=Bluesocket CA/CN=certificate [EMAIL PROTECTED]
serial:00
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: md5WithRSAEncryption
76:8f:2b:3d:ce:67: 5d:75:c0:f8:96:11:b8:78:98:e5:f1:02:91:fb:2e:ae:d9:87: cf:64:10:7c:9e:72:f0:cf:9b:07:73:6e:45:8a:b4:90:10:44:
5e:55:9c:83:a6:67:66:59:59:90:ca:0e:47:ba:4c:c7:c4:d7:
20:f2:40:7c:17:7b:8a:9f:96:ea:39:b6:9d:a2:39:
9a:73:8b:d3:e0:fb:35:2b:9a:c7:f7:29:73:03:bf:f3:e6:65:
2b:a3:3c:7c:c6:ab:b7:1b:fc:1d:d4:a7:53:8f:ea:ea:85:e4: 0e:af -----BEGIN CERTIFICATE----- MIID5TCCA06gAwIBAgIBADANBgkqhkiG9w0BAQQFADCBrjELMAkGA1UEBhMCVVMx FjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxEzARBgNVBAcTCkJ1cmxpbmd0b24xGDAW BgNVBAoTD0JsdWVzb2NrZXQsIEluYzEWMBQGA1UECxMNQmx1ZXNvY2tldCBDQTEe MBwGA1UEAxMVY2VydGlmaWNhdGUgYXV0aG9yaXR5MSAwHgYJKoZIhvcNAQkBFhFj YUBibHVlc29ja2V0LmNvbTAeFw0wMjAxMTAwMDAyMzVaFw0wMjAyMDkwMDAyMzVa MIGuMQswCQYDVQQGEwJVUzEWMBQGA1UECBMNTWFzc2FjaHVzZXR0czETMBEGA1UE BxMKQnVybGluZ3RvbjEYMBYGA1UEChMPQmx1ZXNvY2tldCwgSW5jMRYwFAYDVQQL Ew1CbHVlc29ja2V0IENBMR4wHAYDVQQDExVjZXJ0aWZpY2F0ZSBhdXRob3JpdHkx IDAeBgkqhkiG9w0BCQEWEWNhQGJsdWVzb2NrZXQuY29tMIGfMA0GCSqGSIb3DQEB AQUAA4GNADCBiQKBgQC601x3PivDLkbg7XLjLb8/e18nRTDPmS8g+NUuscqQ11ah ycU8ckDI6epX21rHFpEyhiNkOTWE2VX9XmQsU5NdcEdSH9VN5/PYCvJP44uE3JD5 2HVoygagjl/YnsAXCuIYYhXkm9UgXPyC7O1i0q6Blq6L3Kbpceufl7gRY9WEoQID AQABo4IBDzCCAQswHQYDVR0OBBYEFFQVTShMVyxwKvcpU5QrThDOdjA/MIHbBgNV HSMEgdMwgdCAFFQVTShMVyxwKvcpU5QrThDOdjA/oYG0pIGxMIGuMQswCQYDVQQG EwJVUzEWMBQGA1UECBMNTWFzc2FjaHVzZXR0czETMBEGA1UEBxMKQnVybGluZ3Rv bjEYMBYGA1UEChMPQmx1ZXNvY2tldCwgSW5jMRYwFAYDVQQLEw1CbHVlc29ja2V0 IENBMR4wHAYDVQQDExVjZXJ0aWZpY2F0ZSBhdXRob3JpdHkxIDAeBgkqhkiG9w0B CQEWEWNhQGJsdWVzb2NrZXQuY29tggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcN AQEEBQADgYEAdo8rPc5nGUjwuQIPL05iPSt+XXXA+JYRuHiY5fECkfsurtmHz2QQ fJ5y8M+bB3NuRYq0kBBEXlWcg6ZnZllZkMoOR7pMx8TXIPJAfBd7ip+W6jm2naI5 ETM6mnOL0+D7NSuax/cpcwO/8+ZlK6M8fMartxv8HdSnU4/q6oXkDq8= -----END CERTIFICATE----- |
