As far as I understood, using "openssl req..." the produced format is PEM, independant what file extension you use. So normally this should work. Sorry for this kind of vague information but I didn't use openssl for a while.
Thomas > -----Urspr�ngliche Nachricht----- > Von: Ronan [mailto:[EMAIL PROTECTED] > Gesendet: Mittwoch, 27. Oktober 2004 12:57 > An: [EMAIL PROTECTED] > Betreff: Re: AW: CSR signing > > > > > [EMAIL PROTECTED] wrote: > > Why did you concatenate the server.key and the server.csr? > Why don't you use > > the csr to produce the certificate??? > > because all the examples in the > http://www.openssl.org/docs/apps/x509.html# > use .pem files > im just following the tutorials i can find on the web and the > man pages... > if ive read them wrong its cause im not 100% sure of what im doing > > so in place of the pem file counld i just use... > > /usr/local/ssl/bin/openssl x509 -req -in ./server.csr -CA ./cacert.pem > -CAkey ./private/cakey.pem -CAserial ./serial -out ./ronanscert.pem > > would this give me what i need??? > > ronan > > > >>-----Urspr�ngliche Nachricht----- > >>Von: Ronan [mailto:[EMAIL PROTECTED] > >>Gesendet: Mittwoch, 27. Oktober 2004 12:28 > >>An: [EMAIL PROTECTED] > >>Betreff: CSR signing > >> > >> > >>ok so ive generated a CSR and key using... > >> > >>[EMAIL PROTECTED]:~$ openssl genrsa -out server.key 1024 > >>Generating RSA private key, 1024 bit long modulus > >>..++++++ > >>......++++++ > >>e is 65537 (0x10001) > >>[EMAIL PROTECTED]:~$ openssl req -new -key server.key -out server.csr > >> > >>[...] > >> > >>then i did > >> > >>cat server.key server.csr > rtest.pem > >> > >>is this right?? > >> > >>then... > >> > >>/usr/local/ssl/bin/openssl x509 -req -in ./rtest.pem -CA > ./cacert.pem > >>-CAkey ./private/cakey.pem -CAserial ./serial -out ./ronanscert.pem > >> > >>to sign the pem with my own CA root Cert > >> > >>now when i cat ronanscert.pem > >>-----BEGIN CERTIFICATE----- > >>[snip] > >>-----END CERTIFICATE----- > >> > >>this so far looks good right???? > >> > >>now i need the cert for a windows box so i need to pkcs12 it > >> > >>what is the private key i need to put in the file > >>ronanscert.pem?? is it > >>the one i geretaed for the server or is it the CA root key??? > >> > >>im a bit confused... > >>i know this is gonna be very simple for some of you but im > >>still pickin > >>this up... > >> > >>any help is much appreciated! > >> > >>-- > >>Regards > >> > >>Ronan McGlue > >>============== > >>Analyst/Programmer > >>Information Services > >>Queens University Belfast > >>BT7 1NN > >> > >>____________________________________________________________ > __________ > >>OpenSSL Project > http://www.openssl.org > >>User Support Mailing List > [EMAIL PROTECTED] > >>Automated List Manager > [EMAIL PROTECTED] > >> > > > > > ______________________________________________________________________ > > OpenSSL Project > http://www.openssl.org > > User Support Mailing List > [EMAIL PROTECTED] > > Automated List Manager > [EMAIL PROTECTED] > > -- > Regards > > Ronan McGlue > ============== > Analyst/Programmer > Information Services > Queens University Belfast > BT7 1NN > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
