See answers below. I hope it helps. Best Regards, Sharon Hezy.
-->-----Original Message----- -->From: Shalendra Chhabra [mailto:[EMAIL PROTECTED]] -->Sent: Tue, June 04, 2002 3:01 PM -->To: [EMAIL PROTECTED] -->Subject: Errors --> --> -->I need some help --> -->1. I am able to generate Certificate and Private Key -->using command line options in Openssl. -->can someone tell me are they considered good? and if they are good -->why do we need Certificates from companies like -->Microsoft, Verisign??????????? --> You're right that you can generate private key & certificate *request* using openssl command line tool. As well you can use browsers/servers U/I for certificate request and private key generation. But, creation of certificate - it's already another thing. When you're signing certificate request - you should be a *valid* certificate authority. The regular "ca" tool of openssl signs your request using "test" certificate authority (which is inside OpenSSL by courtesy of OpenSSL developers). If you choose to trust it - you should add it to your browsers' trusted certificates list (or to your servers' trusted certificates list). Anyway, if you will send this certificate signed by "test" CA to anybody else (not your server/browser) - your certificate will not be trusted by anybody because nobody else except you knows who's "test" CA is. But, known companies as Verisign, Thawte, etc. - are known worldwide and if they sign your certificate you will not have verification problems (at least not CA verification problems...:-) ). For example, their certificates are part of default trusted CA list which you get when you're installing IE or Netscape browsers. Simply, it's all a matter of trust: are other people trust person who signes your personal certificate. ;-) --> --> -->2. I have downloaded the OpenSSL 0.9.6 24 Sep 2000 -->version. In -->openssl-0.9.6d/openssl-0.9.6d/demos/maurice -->when I write make -->I get the following errors -->cc -g -I../../include -Wall -c -o loadkeys.o loadkeys.c -->loadkeys.c: In function `ReadPublicKey': -->loadkeys.c:36: too few arguments to function `PEM_ASN1_read' -->loadkeys.c: In function `ReadPrivateKey': -->loadkeys.c:67: too few arguments to function `PEM_ASN1_read' -->make: *** [loadkeys.o] Error 1 --> -->when I open loadkeys.c, line 36 is --> -->x509 = (X509 *)PEM_ASN1_read ((char *(*)())d2i_X509, --> PEM_STRING_X509, --> fp, NULL, NULL); --> --> -->and line 67 is --> --> pkey = (EVP_PKEY*)PEM_ASN1_read ((char -->*(*)())d2i_PrivateKey, --> PEM_STRING_EVP_PKEY, --> fp, --> NULL, NULL); --> -->But when I went to openssl.org I could not find whats the syntax -->of the -->PEM_ASN1_read function. Please help what the arguments should -->be??? How about checking the appropriate ".h" file? You can find the function with "grep" in Unix or "find" on Windows. -->Thanks -->Shalendra -->_________________________________________________________ -->Click below to visit monsterindia.com and review jobs in India or -->Abroad -->http://monsterindia.rediff.com/jobs --> -->_____________________________________________________________ -->_________ -->OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
