Re: Certificate Hierarchy

2005-10-31 Thread Cesc
On 10/31/05, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote: On Mon, Oct 31, 2005, Cesc wrote:> But, will this user.p7c be accepted on the setup of the web server (apache)? > i tried using it with s_server ... no luck.For those cases you can include the certificates in the trusted store (e.g.concate

Re: Certificate Hierarchy

2005-10-31 Thread Cesc
On 10/31/05, Rajeshwar Singh Jenwar <[EMAIL PROTECTED]> wrote: Hi Steve, I just want to expand this thread. Can u help me ? I want create root CA using openssl(0.9.8) on linux box(kernel 2.6.10). Then i want to create intermediate CAs signed by the root CA using openssl. Can you suggest me how th

Re: Certificate Hierarchy

2005-10-30 Thread Rajeshwar Singh Jenwar
Hi Steve, I just want to expand this thread. Can u help me ? I want create root CA using openssl(0.9.8) on linux box(kernel 2.6.10). Then i want to create intermediate CAs signed by the root CA using openssl. Can you suggest me how this is possible ??   Thanks in advance.   Rajeshwar Singh  On 10/3

Re: Certificate Hierarchy

2005-10-30 Thread Dr. Stephen Henson
On Mon, Oct 31, 2005, Cesc wrote: > > > For the sake of completion in this thread, this is what i did ... > openssl crl2pkcs7 -nocrl -certfile user.pem -certfile > intermediate.pem-certfile > root.pem -outform DER -out user.p7c > Actually, the root.pem cert needs not be included ... as long as

Re: Certificate Hierarchy

2005-10-30 Thread Cesc
It kinda worked ... but i have a few more doubts :) Tks a lot! See below On 10/30/05, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote: On Sun, Oct 30, 2005, Cesc wrote:> See below ...>>> Used this way, it gives an OK.>So OpenSSL thinks all is fine.> If you get an error include the -issuer_checks debug

Re: Certificate Hierarchy

2005-10-30 Thread Dr. Stephen Henson
On Sun, Oct 30, 2005, Cesc wrote: > See below ... > > > Used this way, it gives an OK. > So OpenSSL thinks all is fine. > If you get an error include the -issuer_checks debugging option. > > > > Adding this debug option, i thought it may be interesting to show the > output ... here it is: > er

Re: Certificate Hierarchy

2005-10-30 Thread Cesc
See below ...On 10/29/05, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote: On Sat, Oct 29, 2005, Cesc wrote:> Hi,>> I am facing a problem it seems this guy from the email above also had, i> just wonder what is the answer.>> My problem is that i want to create a multiple level CA ... > RootAuthority RA

Re: Certificate Hierarchy

2005-10-29 Thread Dr. Stephen Henson
On Sat, Oct 29, 2005, Cesc wrote: > Hi, > > I am facing a problem it seems this guy from the email above also had, i > just wonder what is the answer. > > My problem is that i want to create a multiple level CA ... > RootAuthority RA > CertAuthority CAx ... > Users > > Thus, RA signs certs