| View previous topic :: View next topic |
| Author |
Message |
johnny_martins00
Apprentice
Joined: 01 Jun 2006
Posts: 293
|
 Posted: Fri Nov 03, 2006 2:11 am Post subject: Openssl and generating x509 certs questions |
 |
|
Hi. Im generating x509 certs for my Vpn, and that all ok till now. usually i use the | Code: | | openssl req -new -nodes -newkey rsa:1024 -sha1 -keyform PEM -keyout privkey.pem -outform PEM -out newreq.pem |
command to generate a certificate and a private key, but the problem now is that the fields that i have to enter information, country common name etc..., i have to get them from a file. Is there anyway to insert these fields from a file or any other way???
Im using a C programm to get the fields that a client types and them using the system function im creating the x509 certs, but till now didnt make it to insert automatically these fields...
Anyone knows a solution for this??
Thk |
|
| Back to top |
|
 |
johnny_martins00
Apprentice
Joined: 01 Jun 2006
Posts: 293
|
| Posted: Fri Nov 03, 2006 4:06 pm Post subject: |
|
|
i did some search on the web and i think that the solution its using a oid_file , a configuration file, but didnt understanded ... Did domebody allready used this option??
Thk |
|
| Back to top |
|
|
johnny_martins00
Apprentice
Joined: 01 Jun 2006
Posts: 293
|
| Posted: Mon Nov 06, 2006 12:31 am Post subject: |
|
|
Can anyone help me on this subject??
Thk |
|
| Back to top |
|
|
johnny_martins00
Apprentice
Joined: 01 Jun 2006
Posts: 293
|
| Posted: Mon Nov 06, 2006 5:59 pm Post subject: |
|
|
| Anyone? All i want is that openssl don't promp me to insert the fields... Dows anyone knows how? |
|
| Back to top |
|
|
johnny_martins00
Apprentice
Joined: 01 Jun 2006
Posts: 293
|
| Posted: Mon Nov 06, 2006 10:54 pm Post subject: |
|
|
oki after some research on the web i found that i can generate a cert using the -subj option.
| Code: |
openssl req -x509 -nodes -days 365 \
-subj '/C=PT/ST=Porto/L=Porto/CN=www.dei.isep.ipp.pt' \
-newkey rsa:1024 -keyout mycert.pem -out mycert.pem |
My question is: this way there are 3 fields that i dont insert values that ususally have to,
1 - the email address
2- Challenge Password
3- Optional Company name
Are these optional, or have i to insert them?is there any problem if i create a cert without these fields??
Thk |
|
| Back to top |
|
|
johnny_martins00
Apprentice
Joined: 01 Jun 2006
Posts: 293
|
| Posted: Wed Nov 15, 2006 2:34 pm Post subject: |
|
|
Can anyone help on how can i skip the step for teh cakey.pem??? geting the psswd from a file or inserting from a command?
Thk |
|
| Back to top |
|
|
|
Networking & Security
