for a self-signed certificate... NB Does NOT work for a public
webpage...
with both iis4 & iis5, i took the ca.crt and server.crt that was
generated... edited to remove the human readble stuff at the benginning
- ie down as far as the --begin certificate etc...
took the files over to my win box and double clicked on them and
"installed them"...
at the client - the browser obviously hasn't heard of the CA called Sean
:-) so i take the CA.crt to my client winPC and double click ... now my
MSIE has heard of CA-Sean... and i can browse my internal secure server
to my hearts content AS-IF i'd gone off and bought a cert - which you
can't do if its internal only afaik...
cheers,
Sean O'Riordain
[EMAIL PROTECTED] wrote:
>
> >-----Original Message-----
> >From: Nevalainen, Eric [mailto:[EMAIL PROTECTED]]
> >Sent: 22 August 2001 17:20
> >To: 'Robert Krenn'
> >Cc: '[EMAIL PROTECTED]'
> >Subject: W2k wiazrd
> >
> >
> >Bingo!
> >
> >The string:
> >
> >bash-2.04# OpenSSL ca -out request.pem -notext -infiles certreq.txt
> >where -out =the cert to be generated, and -infiles =the
> >pending request,
> >the -notext option supresses the plaintext form of the
> >certificate to the
> >output file. IIS 5 seems to like this.
> >
> >output looks like:
> >
> I wouldn't hold your breath if this is a "self-signed" certificate. No doubt
> someone else will correct me if I'm wrong, but I've never been able to get
> self-signed certificate working on any version of IIS.
>
> (I'm assuming this is a server cert. If it's a client cert then I'm probably
> barking up the wrong tree).
>
> -
> John Airey
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
