I have just started to learn OpenSSL, and I am having troubles finding documentation that is helpful.
www.openssl.org seems to have lots of reference documentation, but not too much in usage documentation, e.g., what are the typical contents expected in the SAN for a CA cert vs. those of a server cert. My copy of O'Reilly's book on OpenSSL is well-used, but it is also over ten years since it was printed. I've spent a lot of quality time in google, but that has yielded lots and lots of websites, many with conflicting information, and information that yields syntax errors when I try to implement it. Basically, for example, what I want to do is understand the "Setting Up A Certificate Authority" section of O'Reilly's book (starting on page 59). Excerpts of a config file are given, but with only superficial information about the values contained in a config file. I want to understand what commands invoke what v3 extension sections, e.g., (example 3-5, page 65 in O'Reilly) when I invoke the openssl req command to generate a CA csr, how does that translate into the part of the config file that specifies what extensions will be included in the csr? Ditto for openssl req for a server csr. All the pieces seem to be documented, but I am having difficulty figuring out how the pieces fit together. Does anyone know of a place where that next step is discussed and explained? Thanks. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
