-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday 13 August 2003 11:10, you wrote: > Am configurat un root CA, am creat un self-signed cert si am cacert.pem > si cakey.pem in /etc/ssl respectiv /etc/ssl/private/ > in /etc/ssl/openssl.cnf am setat dir = /etc/ssl > si totul e ok. > Cand dau sa creez un nou certificat > #openssl req -config /etc/ssl/openssl.cnf -new -keyout newreq.pem -out > newreq.pem -days 365 > > imi cere PEM pass phrase...indiferent daca bag PEM pass phrase-ul root > CA-ului, sau orice altceva, imi creaza noul certificat. E normal?
pasii sunt urmatorii: 1. creare certificat nou openssl genrsa -des3 -out ce_vrei_tu.key 1024 2. certificate signing request openssl req -new -key ce_vrei_tu.key -out ce_vrei_tu.csr -days 365 3. semnarea efectiva certificatului openssl ca -config fisier_de_config.cnf -out ce_vrei_tu.crt -infiles ce_vrei_tu.csr 4. verificare certificat openssl verify -CAfile /unde/este/CA.crt /unde/este/ce_vrei_tu.crt - -- Cu respect/Best Regards, Adrian Mazarache Public key: http://london.forte.ro/mazasign.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE/OfjoEbm/AUY3ZdkRAtb4AJ4ukur4nMnskHbmcvAy20hlVWVrkACff/EF mSaawitSfQDp6UI6gnBZSr4= =EZhT -----END PGP SIGNATURE----- --- Detalii despre listele noastre de mail: http://www.lug.ro/
