CA certificates, i.e. root.crt goes in to the cacerts file.
Cheers,
Tomas
http://www.ejbca.org/
On 03/29/2011 09:26 PM, David Patricola wrote:
I’ve found plenty of google results but I am having a disconnect with
the install. My server has it’s own server.crt, server.key and root.crt
fil
enssl 0.9.8g to work with version 2 CRLs ?
Please help. Thanks a bunch in advance...
-Original Message-
From: Tomas Gustavsson [mailto:tom...@primekey.se]
Sent: Monday, September 27, 2010 3:27 AM
To: openssl-users@openssl.org
Cc: Hasan Rezaul-CHR010
Subject: Re: Signed Certificates a
Why no try the open source PKI book as a starter...
http://ospkibook.sourceforge.net/docs/OSPKI-2.4.7/OSPKI-html/ospki-book.htm
Cheers,
Tomas
On 09/24/2010 10:13 PM, Hasan Rezaul-CHR010 wrote:
Hi All,
Would anyone kindly point me to literature that CLEARLY explains exactly
how:
Certificates
Yes that is ok.
It's even easier with:
openssl x509 -in cacert.pem -inform PEM -out cakey.cer -outform DER
no need to rename...
Cheers,
Tomas
Andrew Greig skrev:
I am using openssl to generate pk12 user certs to be used for signing Adobe
Acrobat PDF documents. In order to get Acrobat to
1. If you can export CA from windows, only MS can tell you. If you can
export it in a usable format, for example PKCS#12 for the CA keys and
PEM/DER for user certificate. Depending on the CA product in Linux you
should be able to import it easily, OpenSSL CA, EJBCA, ...
2. You don't write we
EJBCA (ejbca.sourceforge.net) has some support for SCEP, not sure if it
has been tested succesfully against any Cisco equipment though.
Cheers,
Tomas
Peter Sylvester wrote:
Thanks for the info. We've looked at OpenCA but it utilizes
openssl so I figured it would be possible to do some command-li
It's actually not only that it is self-signed. The extension:
X509v3 Basic Constraints:
CA:TRUE
Should not be TRUE, it should be FALSE. Only CAs have this set as TRUE
(just as it says). Apache obviously does not like this either since this
occurs in the log:
-
[Mon D
