I'd suggest you use the CA.pl script instead. That should make things much easier.
i have a csr (in pem format(by default)) and a key
I want to sign the csr with my domains root CA
I want then to change it to pkcs12 format
Finally i want to install it onto an Active Directory (win 2000 advanced) machine so i can ssl to the AD
using the CA.pl and my current key and csr
copy mycsr.csr to newreq.pem and run
# /home/local/ssl/misc/CA.pl -sign Signed certificate is in newcert.pem
.... its not there is no newcert.pem
is this what im after?
/usr/local/ssl/bin/openssl x509 -req -in ./CSR.csr -CA ./cacert.pem -CAkey ./private/cakey.pem -CAserial ./serial -out ./signedcert.pem
well it does output signedcert.pem but it gives me this message
unable to load 'random state' This means that the random number generator has not been seeded with much random data. Consider setting the RANDFILE environment variable to point at a file that 'random' data can be kept in (the file will be overwritten). Signature ok
im in csh atm
Is this a problem...??
help!
Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
-- Regards
Ronan McGlue ============== Analyst/Programmer Information Services Queens University Belfast BT7 1NN ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
