[prev in list] [next in list] [prev in thread] [next in thread]
List: ssl-users
Subject: [ssl-users] CA troubles
From: Roger Walker <rosco () rope ! net>
Date: 1999-02-12 21:49:13
[Download RAW message or body]
I started with the RedHat Secure Server 2.0 on a RedHat 5.2
system. There wasn't enough information on handling your own certificate
authority functions (Internal use at the moment - don't want to pay for
external CA but don't want to have users updating stuff in their browser
every 30 days.) so I downloaded and compiled SSLeay 0.9.0b to try playing
with the CA.sh script.
After trying the "-newca" "-newreq" "-sign" options in turn, I
realized that it wasn't working properly. I've been messing a bit with
the ssleay.cnf and CA.sh files and have gotten the error down to this
with the -sign option:
Error reading certificate request in newreq.pem
5791:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:628:
newreq.pem was created without error with the -newreq option.
There seems to be a lot more to this than implied by just running
those three options. For example, -newreq and -newcert can clobber each
other's output files.
Anyway, if someone could point me in the right direction to being
able to create my own signed certificates, I'd be much obliged.
Thanks.
--
Roger Walker Voice/Fax 780-440-2685 Network Manager,
Director & Senior Consultant, Pager 780-917-5817 ROPE Internet Services
ROSCO Associates Technology <rats@rat-hole.com> <rosco@rope.net>
Staffing Ltd. (RATS!) <www.rat-hole.com> <www.rope.net>
"HIS Pain; YOUR Gain" BLACK RAT: <www.rat-hole.com/black-rat>
+-------------------------------------------------------------------------+
| Administrative requests should be sent to majordomo@lists.cryptsoft.com |
| List service provided by Open Software Associates, http://www.osa.com/ |
+-------------------------------------------------------------------------+
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic