[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bsdi-users
Subject:    Re: Server Certificate Signing Request
From:       Merton Campbell Crockett <mcc () TO ! GD-ES ! COM>
Date:       2000-01-29 16:56:40
[Download RAW message or body]


Andy, Theodore, and Vivek:

Thanks for your responses but still no joy.  The DISA Netscape Certificate
Server continues to complain about "bad DER encoding".  I suspect that the
problem is not, so much, the DER encoding but a field required by Netscape
that is not used or optional when submitting a CSR to a commercial third-
party Certificate Authority, i.e. VeriSign, Thawte, CyberTrust, etc.

Perhaps I need to rephrase my question to you and the BSD/OS user community
and ask if anyone has created a CSR using Apache/Stronghold, Apache/SSLeay,
Apache-SSL, or Apache/mod_SSL or any SSLeay or OpenSSL utility and have had
the CSR accepted by a Netscape Certificate Server?

Merton Campbell Crockett

On Tue, 25 Jan 2000, Andy Moskoff wrote:

> On Tue, 25 Jan 2000, Merton Campbell Crockett wrote:
> 
> > 
> > Does anyone on this list know a procedure that will convert a PEM encoded
> > CSR to the DER encoding required by the Netscape Certificate Server?
> > 
> 	Merton:
> 
> 	On the www.openssl.com web site there are lots o' utilities
> 	to do this. In fact, the openssl distribution may have the utility.
> 	You can also try www.modssl.org, nice packages specifically for
> 	apache. They give a step-by-step there.
> 
> --------------------------------------------------------------
> Andy Moskoff                               email: abm@ftel.net  
> Intelligent Systems Solutions
> 
> 

[prev in list] [next in list] [prev in thread] [next in thread]