help with certificate

Roelf Schreurs Sun, 12 May 2002 02:06:05 -0700

Hi
I need some help and don't know where else to look anymore.

I have courier-imap running and want to use ssl. First I tested with the ssl
from courier-imap. This was working fine. The cerificate looked like this:
-----BEGIN RSA PRIVATE KEY-----
MIICXA...
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIID...
-----END CERTIFICATE-----
-----BEGIN DH PARAMETERS-----
MEYC...
-----END DH PARAMETERS-----


Now I want to use verisign. These are the steps i took.
Created dir verisign and copy CA.pl and openssl.cnf into that dir.
Then I run "perl CA.pl -newreq" and end up with the file newreq.pem
I the copied the request part and applied with verisign. They then send me a
certificate back.

I created the dir demoCA. In there I copied the certificate from verisign to
cacert.pem and created an empty file called index.txt and a serial with "01"
inside. I also created a dir called private and copied the RSA private key
part from the request to cakey.pem

then in the verisign dir, I run "perl CA.pl -sign" and get a new file called
newcert.pem and it looks like:
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: md5WithRSAEncryption
        Issuer: C=NL, ST=Noord-Holland, L=Amsterdam, OU=www.megasign.nl/RPA
(c)98, OU=Authenticated by Roccade, OU=Member, VeriSign
Trust Network, O=I...., OU=trading, CN=...
        Validity
            Not Before: May 11 23:20:13 2002 GMT
            Not After : May 11 23:20:13 2003 GMT
        Subject: C=NL, ST=Noord-Holland, L=Amsterdam, O=IMC company.,
OU=trading, CN=...
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:c0:...
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:FALSE
            Netscape Comment:
                OpenSSL Generated Certificate
            X509v3 Subject Key Identifier:
                2D:F7...D
            X509v3 Authority Key Identifier:
                DirName:/C=US/O=RSA Data Security, Inc./OU=Secure Server
Certification Authority
                serial:13...

    Signature Algorithm: md5WithRSAEncryption
        a9:b5:89:...
-----BEGIN CERTIFICATE-----
MIIEM...
-----END CERTIFICATE-----

But when I copy this over the certificate used by courier-imap, it doesn't
work.

Do i need to convert this last cert to another format? And how?
Thanks
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

help with certificate

Reply via email to