Tugriceri Web Notes

other ssl issue with my own ca

by on Mar.18, 2009, under Security

cat ca.conf
[ ca ]
default_ca = ca_default
[ ca_default ]
dir = /root/tugriceri.com_CA/ca/
certs = /root/tugriceri.com_CA/ca/
new_certs_dir = /root/tugriceri.com_CA/ca/ca.db.certs
database = /root/tugriceri.com_CA/ca/ca.db.index
serial = /root/tugriceri.com_CA/ca/ca.db.serial
RANDFILE = /root/tugriceri.com_CA/ca/ca.db.rand
certificate = /root/tugriceri.com_CA/ca/ca.crt
private_key = /root/tugriceri.com_CA/ca/ca.key
default_days = 365
default_crl_days = 30
default_md = md5
preserve = no
policy = generic_policy
[ generic_policy ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional

openssl ca -config ca.conf -notext -out one.tugriceri.com/one.tugriceri.com.cer -infiles one.tugriceri.com/one.tugriceri.com.csr

openssl x509 -req -days 365 -in one.tugriceri.com/one.tugriceri.com.csr -CA ca/ca.crt -CAkey ca/ca.key -CAcreateserial -out one.tugriceri.com/one.tugriceri.com.cer

openssl verify -CAfile ../ca/ca.crt one.tugriceri.com.cer

No comments for this entry yet...

Comments are closed.

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Visit our friends!

A few highly recommended friends...