Regarding this problem, I think there is compability issue between SSLeay and OpenSSL. Because from SSLeay, it can worked from my Perl script which load Client Certificate into Netscape Browser. But changed it to Openssl, it can't work. When running in shell mode, user is required to key in password in order to sign the request. In Perl script, how to ignore this user interactive process from the Netscape browser ? Can somebody point to me where I can locate the OpenSSL documention ? When I visit this url http://www.openssl.org/docs is still incomplete. Regards, CHAR Meike Aulbach wrote: > > I have problems with this too. I thought that it works on the shell because > its "root", but then i tried to run the script as nobody (the webserver is > running as nobody too) and it works on the shell, but it doesnt work over > the webserver. Does openssl have a protection so that it will work only > on a tty or sth like that ? > > bye, Meike > > -- > Meike Aulbach <[EMAIL PROTECTED]> > PGP Key fingerprint = 66 05 8B 5E AD 80 60 DE 06 EA 60 D6 E0 D8 F1 43 > Paul's Law: > In America, it's not how much an item costs, it's how much you > save. > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] >>Hi Everybody, >> >> I'm user porting from SSLeay to Openssl 0.94, so I'm new to it. >>Hope somebody can help me. >> >> Here is my steps : >> >>1. Generate CA and the self-signed CA certificate: >> >> openssl req -new -x509 -keyout /var/ssl/private/CAkey.pem -days 5000 >> -out /var/ssl/private/CAcert.pem -config /var/ssl/openssl.cnf >> >> ===> OK >> >>2. Load a CA certificate into a browser using a Perl CGI script. >> ===> OK >> >>3. Create Client Certificate and load into Netscape 4.6 browser by >> using Perl CGI script. >> >> Below is part of my CGI script : >> ######### >> ... >> ... >> my $config = "/var/ssl/openssl.cnf"; >> my $cmd = "openssl ca -spkac cert30.req -out cert30.result >> -days 360 -config $config -keyfile /var/ssl/private/CAkey.pem"; >> >> system("$cmd"); >> >> open(CERT, "<cert30.result") || >> exit; >> my $result = join('', <CERT>); >> close(CERT); >> my $len = length($result); >> >> print "Content-Type: application/x-x509-user-cert\n"; >> print "Content-Length: $len\n\n"; >> print $result; >> exit(0); >> ############### >> >> The problem is, when I run this Perl script, I can't produce >> "cert30.result" file, meant my program will exit. >> >> But if I run from the shell, I can produce "cert30.result" file. >> Below is my result when I run it from the command prompt. >> >>======================================================================= >>[root@mars private]# openssl ca -spkac cert30.req -out cert30.result \ >> -days 360 -config /var/ssl/openssl.cnf >> -keyfile /var/ssl/private/CAkey.pem >> >>Using configuration from /var/ssl/openssl.cnf >>Enter PEM pass phrase: >>Check that the SPKAC request matches the signature >>Signature ok >>The Subjects Distinguished Name is as follows >>commonName :PRINTABLE:'CHAR CHOON HWA' >>emailAddress :IA5STRING:'[EMAIL PROTECTED]' >>organizationName :PRINTABLE:'ABC Company' >>organizationalUnitName:PRINTABLE:'ABCNet' >>localityName :PRINTABLE:'Bukit Tengah' >>stateOrProvinceName :PRINTABLE:'Penang' >>countryName :PRINTABLE:'MY' >>Certificate is to be certified until Oct 16 09:25:44 2000 GMT (360 days) >> >>Write out database with 1 new entries >>Data Base Updated >>========================================================================= >> >>Please advice me on how to solve this problem. Thank. >> >>Regards, >> CHAR
begin:vcard n:;chchar x-mozilla-html:FALSE adr:;;;;;; version:2.1 email;internet:[EMAIL PROTECTED] x-mozilla-cpt:;-7072 fn:chchar end:vcard
