How To Load Client Certificate Into Browser By Using Perl Script.

Fri, 22 Oct 1999 02:59:04 -0700 

Hi Everybody,

 I'm user porting from SSLeay to Openssl 0.94, so I'm new to it.
Hope somebody can help me.

 Here is my steps :

1. Generate CA and the self-signed CA certificate:

   openssl req -new -x509 -keyout /var/ssl/private/CAkey.pem -days 5000
        -out /var/ssl/private/CAcert.pem -config /var/ssl/openssl.cnf

   ===> OK
 
2. Load a CA certificate into a browser using a Perl CGI script.
   ===> OK

3. Create Client Certificate and load into Netscape 4.6 browser by 
   using Perl CGI script. 

   Below is part of my CGI script :
   #########
   ...
   ...
   my $config = "/var/ssl/openssl.cnf";
   my $cmd = "openssl ca -spkac cert30.req -out cert30.result 
      -days 360 -config $config -keyfile /var/ssl/private/CAkey.pem";

   system("$cmd");

   open(CERT, "<cert30.result") ||
       exit;
   my $result = join('', <CERT>);
   close(CERT);
   my $len = length($result);

   print "Content-Type: application/x-x509-user-cert\n";
   print "Content-Length: $len\n\n";
   print $result;
   exit(0);
   ###############

   The problem is, when I run this Perl script, I can't produce
   "cert30.result" file, meant my program will exit.

   But if I run from the shell, I can produce "cert30.result" file. 
   Below is my result when I run it from the command prompt.

=======================================================================
[root@mars private]# openssl ca -spkac cert30.req -out cert30.result \
  -days 360 -config /var/ssl/openssl.cnf 
  -keyfile /var/ssl/private/CAkey.pem

Using configuration from /var/ssl/openssl.cnf
Enter PEM pass phrase:
Check that the SPKAC request matches the signature
Signature ok
The Subjects Distinguished Name is as follows
commonName            :PRINTABLE:'CHAR CHOON HWA'
emailAddress          :IA5STRING:'[EMAIL PROTECTED]'
organizationName      :PRINTABLE:'ABC Company'
organizationalUnitName:PRINTABLE:'ABCNet'
localityName          :PRINTABLE:'Bukit Tengah'
stateOrProvinceName   :PRINTABLE:'Penang'
countryName           :PRINTABLE:'MY'
Certificate is to be certified until Oct 16 09:25:44 2000 GMT (360 days)

Write out database with 1 new entries
Data Base Updated
=========================================================================

Please advice me on how to solve this problem. Thank.

Regards,
  CHAR
begin:vcard 
n:;chchar
x-mozilla-html:FALSE
adr:;;;;;;
version:2.1
email;internet:[EMAIL PROTECTED]
x-mozilla-cpt:;-7072
fn:chchar
end:vcard

Reply via email to