Exactly right!
"openssl s_client -CAfile demoCA/cacert -connect server.net:443"
This returns no errors.
However, I still get the following when I try to connect from Mozilla.
"The connection was refused when trying to contact 192.168.1.103"
Stupid me! I was using "http://";! It works perfectly wi
On Tue, Sep 14, 2004, Steve Ankeny wrote:
> Here's the commands I used to create my own CA and my own certificate
> and key
>
> "CA.pl -newca"
> "CA.pl -newreq"
> "CA.pl -signreq"
>
> Everything went well (no errors), and I wound up with newcert.pem and
> newreq.pem (as well as cacert.pem
Here's the commands I used to create my own CA and my own certificate
and key
"CA.pl -newca"
"CA.pl -newreq"
"CA.pl -signreq"
Everything went well (no errors), and I wound up with newcert.pem and
newreq.pem (as well as cacert.pem as expected).
I renamed newcert.pem and newreq.pem to help i
Very good suggestions! Thanks
I will not have time to try these until this evening, but I will report
any errors, etc. You guys are the best.
Dr. Stephen Henson wrote:
On Sat, Sep 11, 2004, Steve Ankeny wrote:
Sorry about the html
First of all, I am using Mozilla. I never use IE
What ve
On Sat, Sep 11, 2004, Steve Ankeny wrote:
> Sorry about the html
>
> First of all, I am using Mozilla. I never use IE
>
What version of Mozilla are you using? If you have a newer version then you
will have an "Import" button. You select Edit->Preferences->Private &
Security->Certificates.
Sorry about the html
First of all, I am using Mozilla. I never use IE
Secondly, every time I try to import the 'server.crt' it complains that
it is not in 'pkcs12' format.
Thirdly, the CA.pl "guides" are just as confusing as the OpenSSL guides.
I have yet to find a clear-cut description of
On Sat, Sep 11, 2004, Steve Ankeny wrote:
Please don't post in HTML.
As to your query. This is much easier if you follow the CA.pl instructions.
Some "guides" suggest you do all manner of strange and in some cases insecure
things.
You do *not* import the server private key and certificate into t
Here's what I did
Command
Usage
openssl genrsa -des3 -out ca.key 1024
Created key for my own CA
Remained in /etc/ssl
openssl req -new -x509 -days 3650 -key ca.key
-out ca.crt
Created the CA certifica
