On Wednesday 13 August 2003 11:37, you wrote: si inca ceva:
cand se "Revoke a certificate" si "Renew a certificate" ? > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Wednesday 13 August 2003 11:10, you wrote: > > Am configurat un root CA, am creat un self-signed cert si am > > cacert.pem si cakey.pem in /etc/ssl respectiv /etc/ssl/private/ > > in /etc/ssl/openssl.cnf am setat dir = /etc/ssl > > si totul e ok. > > Cand dau sa creez un nou certificat > > #openssl req -config /etc/ssl/openssl.cnf -new -keyout newreq.pem > > -out newreq.pem -days 365 > > > > imi cere PEM pass phrase...indiferent daca bag PEM pass phrase-ul > > root CA-ului, sau orice altceva, imi creaza noul certificat. E > > normal? > > pasii sunt urmatorii: > > 1. creare certificat nou > openssl genrsa -des3 -out ce_vrei_tu.key 1024 > 2. certificate signing request > openssl req -new -key ce_vrei_tu.key -out ce_vrei_tu.csr -days 365 > 3. semnarea efectiva certificatului > openssl ca -config fisier_de_config.cnf -out ce_vrei_tu.crt -infiles > ce_vrei_tu.csr > 4. verificare certificat > openssl verify -CAfile /unde/este/CA.crt /unde/este/ce_vrei_tu.crt > > > - -- > Cu respect/Best Regards, > Adrian Mazarache > > Public key: http://london.forte.ro/mazasign.asc > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.2 (GNU/Linux) > > iD8DBQE/OfjoEbm/AUY3ZdkRAtb4AJ4ukur4nMnskHbmcvAy20hlVWVrkACff/EF > mSaawitSfQDp6UI6gnBZSr4= > =EZhT > -----END PGP SIGNATURE----- > > --- > Detalii despre listele noastre de mail: http://www.lug.ro/ -- Stefan, a simple Debian user. Linux registered user: #272012 [Linux is Friendly. It's just selective about who his friends are.] --- Detalii despre listele noastre de mail: http://www.lug.ro/
