Nancho,
For every certificate I generate from script a custom .cnf file.
The relevant parts of the configuration file are:
[ req ]
prompt = no
distinguished_name = req_distinguished_name
output_password =
[ req_distinguished_name ]
C
Could you, Please, send me the openssl.cnf (or relevant part of it) you
used to sign the certificate.
The sign script I use creates one .cnf on the fly so check it out.
The proccess I follow is this:
I generate the key:
openssl genrsa -des3 -out clienteNets-dsa.key 1024
Then I generate the c
Nacho,
These extensions do work with IIS (the certificate is generated using
openssl 0.9.6).
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
Telfort SITB authentication
Netscape Cert Type:
extensions in your certificate.
_
Greg Stark
Ethentica, Inc.
[EMAIL PROTECTED]
_
- Original Message -
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, March 21, 2001 1:10 PM
Subject: Re: how t
No! my bowser shows me the 2 certificates, the working one and the non working
one.
He sends the a list of CA's whith the 2 signing CA's.
And I've tried to generate a client certificate with safelayer and it works too!
the safelayer cert and the NT one share this extensions:
X509v
the server-specified CA's.
_
Greg Stark
Ethentica, Inc.
[EMAIL PROTECTED]
_
- Original Message -
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, March 21, 2001 11:35 AM
Subject:
I need to connect to a IIS4.0 on a NT4.0 server requiring a client certificate,
but i cannot
generate a suitable client certificate using openssl.
When i connect to the site the browser shows me a list with all the certificates
i have
to select one. But the only one that works is the one genera
