Balu Stefan wrote: >On Wednesday 13 August 2003 11:37, you wrote: > >se pare ca, cu pasii astia a mers...strange :) > > Cu pasii astia eu am reusit pe openssl de windwos si cu iis :)
> > >>-----BEGIN PGP SIGNED MESSAGE----- >>Hash: SHA1 >> >>On Wednesday 13 August 2003 11:10, you wrote: >> >> >>>Am configurat un root CA, am creat un self-signed cert si am >>>cacert.pem si cakey.pem in /etc/ssl respectiv /etc/ssl/private/ >>>in /etc/ssl/openssl.cnf am setat dir = /etc/ssl >>>si totul e ok. >>>Cand dau sa creez un nou certificat >>>#openssl req -config /etc/ssl/openssl.cnf -new -keyout newreq.pem >>>-out newreq.pem -days 365 >>> >>>imi cere PEM pass phrase...indiferent daca bag PEM pass phrase-ul >>>root CA-ului, sau orice altceva, imi creaza noul certificat. E >>>normal? >>> >>> >>pasii sunt urmatorii: >> >>1. creare certificat nou >>openssl genrsa -des3 -out ce_vrei_tu.key 1024 >>2. certificate signing request >>openssl req -new -key ce_vrei_tu.key -out ce_vrei_tu.csr -days 365 >>3. semnarea efectiva certificatului >>openssl ca -config fisier_de_config.cnf -out ce_vrei_tu.crt -infiles >>ce_vrei_tu.csr >>4. verificare certificat >>openssl verify -CAfile /unde/este/CA.crt /unde/este/ce_vrei_tu.crt >> >> >>- -- >>Cu respect/Best Regards, >>Adrian Mazarache >> >>Public key: http://london.forte.ro/mazasign.asc >> >>-----BEGIN PGP SIGNATURE----- >>Version: GnuPG v1.2.2 (GNU/Linux) >> >>iD8DBQE/OfjoEbm/AUY3ZdkRAtb4AJ4ukur4nMnskHbmcvAy20hlVWVrkACff/EF >>mSaawitSfQDp6UI6gnBZSr4= >>=EZhT >>-----END PGP SIGNATURE----- >> >>--- >>Detalii despre listele noastre de mail: http://www.lug.ro/ >> >> > > > --- Detalii despre listele noastre de mail: http://www.lug.ro/
