DanielFry schrieb:
Hello out there!
I've got a problem with the OpenSSL-based program TinyCA. I used this nice
GUI-prog to create some certificates. I also created some certificates with
commandline OpenSSL.
Now my problem:
TinyCA show's an nice overview about all certificates in the folder
For now, my purpose is not to establish and identity of a server with
the
certificate. I plan to use a signed certificate, so that the client can
be
sure
that the server indeed holds the private key associated with the
public key
provided by the server in its certificate.
You have a
Wolfgang Riedel wrote:
echo
VGVzdENBOiA6Q2xhc3MxOkRldXRzY2hlIEJ1bmRlc2Jhbms6IDpEZXV0c2NobGFuZDpERQ==
| openssl base64 -d
(linewrap)
TestCA: :Class1:Deutsche Bundesbank: :Deutschland:DE
hth,
wolfgang
Thanks Wolfgang That's exactly the right information! And its so easy...
But
I doubt if self signed certificate will be a good idea, as
against a signed
certificate.
With the approach I am proposing, the server installer itself works like a
CA.
Only an authorized person will have access to this installer (say
admin) and
can generate a signed certificate.
I don't
Hello,
according to the rsa documentation, this command should ask for a new
password (no password set in the file before):
openssl rsa -in nopassword.key -passout stdin -out password.key
I'm asked for a password, but the files are identical, password.key has
no password set. What is going
We've been having a problem with use_privatekey_file on Solaris 10.
When calling from pyOpenSSL, it somehow switches from reading the key
file from file descriptor 3 to reading from stdin (0) after the open()
call. Truss shows the file being opened as fd 3, then a read call on
fd 0.
You need to specify a cipher for encrypting your private key. Something
like:
openssl rsa -in nopassword.key -des3 -out password.key
You will be prompted for a passphrase.
-des3 could be replaced by -aes128, -aes192, or -aes256 if you want a
stronger cipher for encryption.
Bill
-Original