On Fri, Aug 02, 2002 at 10:34:35AM -0500, David Iungerich wrote: > Based on my needs, I believe utlizing the tools I already have would be best > for me. That said, does anyone have a yes or no answer for me as to whether > it will work. Again, the scenario follows. > > I have a situation where a test box is an NT machine. It happens to have > IIS running on it. (Won't be using it, but it's there.) Anyone see any > issue with me using it to generate a certificate request, then taking that > req over to a Linux box I have running with openssl, use open ssl to build > the cert and public key, then using what was generated back on the NT box? > Also, if anyone has the suggestions for the openssl command syntax, that > would be nice too. I'd kind of like to ultimately be using a pkcs#12 cert > and public key. We'll be using a Verisign cert on our production box, but > for this test box, it's NT, and I'm looking for the simplest route to > getting a self-signed cert on that box.
consider the following: o I'm not sure, if NT/IIS will be happy with a self signed certificate to be used as SSL/server certificate o for creating a self signed cert from a PKCS#10 request requires the private key and I'm not sure if NT/IIS enables you to export that key. Possible solutions: o create a selfsigned cert with openssl, convert it to PKCS12 and import it to NT/IIS o create a CAcert with openssl, use it for signing the NT/IIS�request and import the signed request and the CA cert into your NT/IIS box the CA.pl tool will assist you doing this. regards Christian > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
