Hi, I assume you have done a lot of googling and have read the docs extensively.
First, what is your end goal? Since creating a certificate and having it signed by your own CA is not that difficult. What resources have you consulted. What have you already tried. Have you looked at the resulting certificate to verify its contents Regards, Serge Fonville On Mon, Aug 17, 2009 at 4:41 PM, Gerald Iakobinyi-Pich <nutri...@gmail.com>wrote: > Hello, > > I am trying to create a certificate, on win, and I am having some troubles > with OpenSSL. First I generate a key. That's ok. Then I create a request: > > openssl req -config .\openssl.cnf -subj > "/C=DE/L=Munchen/ST=Bayern/O=Org/OU=Dev/CN=Test Certificate" -new -days 365 > -key ..\demo_store\private\private_key_client.pem -outform PEM -out > ..\demo_store\request\req_server.csr -passin pass:pass > > Then I want to sign this: > openssl x509 -inform PEM -req -in ..\demo_store\request\req_server.csr > -outform DER -out ..\demo_store\certs\cert_server.der -CAform DER -CA > ..\demo_store\certs\ca_cert.der -CAkeyform PEM -CAkey > ..\demo_store\private\ca_private_key.pem -CAcreateserial > > And the message printed out is: > Loading 'screen' into random state - done > Signature ok > subject=/C=RO > Getting CA Private Key > > > Now, what disturbs me, is that it seems that the subject I have provided > with "-subj" in the first "openssl req" command has been ignored. > Why is that happening? What am I doing wrong? > > Thanks, > Gerald > > >
