Hi,

There was an email earlier yesterday about LDAP/SSL/TLS, but I'm going to revise my question. Please disregard the email because, instead of creating certificates, I'm going to use certs provided by my Linux admin to configure SSL/TLS with LDAP. My sysadmin gave me 3 wildcard openssl files, with an ext of .cert, .csr, and .key. This wildcard.xxxxxxx.cert is supposed to be a CA; below are the important contents:

[root@fl1-lsh99apa007 ~]# openssl x509 -in wildcard.securesites.com.cert -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 69277 (0x10e9d)
    Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, O=GeoTrust, Inc., CN=GeoTrust SSL CA
        Validity
            Not Before: Dec 1 05:59:42 2011 GMT
            Not After : Dec 2 01:04:06 2016 GMT
        Subject: serialNumber=NwnaG0OQxm/2fIiyWh6NThC40ROOk/KH, C=US, ST=Colorado, L=Englewood, O=MYNAMESERVER, LLC, OU=Secure Services Division, CN=*.securesites.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                ....
        X509v3 extensions:
            X509v3 Authority Key Identifier:
                keyid:42:79:54:1B:61:CD:55:2B:3E:63:D5:3C:48:57:F5:9F:FB:45:CE:4A
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment, Data Encipherment
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Subject Alternative Name:
                DNS:*.securesites.com, DNS:securesites.com
            X509v3 CRL Distribution Points:
                Full Name:
                  URI:http://gtssl-crl.geotrust.com/crls/gtssl.crl
            X509v3 Subject Key Identifier:
                D9:88:62:C6:90:FE:5D:78:9B:AE:5A:78:AF:DF:30:49:7E:54:D3:83
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access:
                CA Issuers - URI:http://gtssl-aia.geotrust.com/gtssl.crt

How do I create signed certificates with the CA above and those wildcard files so that they will be used with LDAP? Please excuse my ignorance with openssl. I've been working with this for a few days, and there are so many ways to configure LDAP/SSL when searching Google, but they haven't worked for me, probably because I lack experience with SSL. Thanks in advance.

Rod
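
An added example, not part of the original message: a Python check that reads the extension lines of the `openssl x509 -text` dump above and reports whether the certificate can issue other certificates, is usable for TLS server authentication, and covers a given host name. The host names passed in are hypothetical, and the function names are chosen for this example.

```python
import re

# Extension lines copied from the certificate dump in the message above.
DUMP = """\
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment, Data Encipherment
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Subject Alternative Name:
                DNS:*.securesites.com, DNS:securesites.com
            X509v3 Basic Constraints: critical
                CA:FALSE
"""

def extension(text, name):
    """Return the comma-separated values printed on the line after an extension header."""
    m = re.search(r"X509v3 " + re.escape(name) + r":[^\n]*\n\s*([^\n]+)", text)
    return [v.strip() for v in m.group(1).split(",")] if m else []

def san_matches(pattern, host):
    """Match a DNS SAN against a host; '*' covers exactly one leftmost label."""
    p, h = pattern.lower().split("."), host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    return (p[0] == "*" or p[0] == h[0]) and p[1:] == h[1:]

def assess(text, host):
    """Summarise what the dumped certificate may be used for."""
    usage = extension(text, "Key Usage")
    eku = extension(text, "Extended Key Usage")
    sans = [v[4:] for v in extension(text, "Subject Alternative Name") if v.startswith("DNS:")]
    is_ca = "CA:TRUE" in extension(text, "Basic Constraints")
    return {
        # Issuing other certificates needs CA:TRUE and the "Certificate Sign" usage.
        "can_sign_certificates": is_ca and "Certificate Sign" in usage,
        "tls_server_auth": "TLS Web Server Authentication" in eku,
        "covers_host": any(san_matches(s, host) for s in sans),
    }

if __name__ == "__main__":
    # Hypothetical server names, not taken from the message.
    for host in ("ldap.securesites.com", "a.b.securesites.com"):
        print(host, assess(DUMP, host))
```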