Sarath Chandra M wrote:
Hi,
I have a requirement like this. Users/clients will access a web site,
fill in a form, generate a keypair and send it to
server. the csr is done at the server. client cert is created in the
server and sent back thru email. Is this a proper
approach ? If so, I would like to get some help in constructing the
setup. I have openssl ready and working. Only
thing is web (site) interface for the html form. Also, how to generate
the keypair at the client (browser) ? I cant
find that certenr3.dll. Is there any other java/javascript program to
do it without depending on microsoft dlls ?
Any help will be highly appreciated. First I would like to try
generating key pair with just a html page in Win2K.
You use Xenroll, info on MS site new MS OSes have Xenroll installed as
standard. The CSR must be created on the client (which is what Xenroll
can do) because only it has access to the private key.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Gemplus: http://www.gemplus.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]