On Thursday 21 July 2005 04:19, Mipam wrote: > Does there exist a frontend for openssl that can create and sign > certificates bit one that also can create and sign pkcs7 certs? > Maybe something exists to help you create your own certificate authority?
Got the system sources? If so, look at /usr/src/crypto/openssl/apps/CA.pl which sounds like exactly what you want: 1. ./CA.pl -newca # Makes a new CA 2. ./CA.pl -newreq # Generate a certificate signing request 3. ./CA.pl -sign # Sign the request created in step 2 I copied it to /usr/local/bin and edited the "$CATOP" variable to point to /usr/local/etc/mypersonalCA, then edited /etc/ssl/openssl.cnf to refer to the same directory. That way, I don't have to deal with it wanting to use the relative directory "./demoCA" during its operations. -- Kirk Strauser
pgpum1ctTm5Jk.pgp
Description: PGP signature
