Here's my steps to create working client certificates:
1. openssl req -new -out clienta.csr -keyout clientakey.pem
Enter the details for the certificate, i.e common name being the client/employee, "Joe
Bloggs".
2. openssl x509 -req -in clienta.csr -out clienta.pem -CA YOUR_SERVERS_CERTIFICATE
Grant,
Thanks for the pointers. The process ran OK for me, but IE was still not happy with
the resultant .p12 file, telling me :
The input information is invalid.
If i assume that the .p12 file i am generating is valid, could it be that the problem
lies elsewhere? For example a mismatch with
ct: Re: Generating and using client/browser certificates.
>
> I have progressed a little , i am now able to generate certs that IE will
import:
>
> CA.pl -newreq
> openssl ca -in newreq.pem -out result_file -days 30
> openssl crl2pkcs7 -certfile result_file -in crl.pem -out cert.
I understand that it is possible to use client side certificates (ie certificates
stored in the browser) to control access to pages and directories on a webserver.
I've been following notes provided with OpenSSL for generating ssl certificates
suitable for importing into a browser. For exampl
