ca

certificate signing request: Does it contain public key or private key?

守給你的承諾、 提交于 2021-02-11 12:29:34
问题 I am trying to demystify how CSR is generated, and role of the public and private key. Server1: Generate a public and private key Now, I want CSR and for that, I will go to a CA for signing. For creating a CSR request, is it based on server's public key or private key? I referred to this SO question; in there, it says the server (which is requesting for CSR) itself signs CSR by its private key, before sending it to CA. I am bit confused, have the following questions: The end product (the

Client SSL with Self Signed CA not working

跟風遠走 提交于 2021-02-04 10:58:38
问题 I have been struggling with an SSL problem for more than 1 month. We have used openssl to generate our own CA, server and client certificates. We have also enable "SSLrequire" on the Apache web server (in htaccess this may be wrong), which means that anyone trying to connect through https on the server needs to present a valid certificate The step are as follows; generate the CA key generate the CA CSR sign the CA CSR with the CA Key so we have our own CA which is used to sign our server and

Client SSL with Self Signed CA not working

久未见 提交于 2021-02-04 10:58:25
问题 I have been struggling with an SSL problem for more than 1 month. We have used openssl to generate our own CA, server and client certificates. We have also enable "SSLrequire" on the Apache web server (in htaccess this may be wrong), which means that anyone trying to connect through https on the server needs to present a valid certificate The step are as follows; generate the CA key generate the CA CSR sign the CA CSR with the CA Key so we have our own CA which is used to sign our server and

starttls successful even after deleting CA from the ca dir

北慕城南 提交于 2021-01-27 22:51:12
问题 I'm having trouble verifying the correct behavior of my software. Here are the steps I am performing to verify correct operation: I have sample code that uses openldap library and doing a start tls to a ldap server. I have set the global option for ca cert directory and tlx context for the first time. After that I did ldap int and ldap start tls to a server. This is succesful as expected. I did an ldap_unbind_s I deleted the CA cert that signed the ldap server's certificate from the ca cert

创建自己的CA机构

徘徊边缘 提交于 2020-11-13 14:02:13
1. 创建 openssl.cnf [ ca ] default_ca = subchen_ca [ subchen_ca ] certificate = ./ca-cert.pem private_key = ./ca-key.pem database = ./index.txt serial = ./serial new_certs_dir = ./certs default_days = 3650 default_md = sha1 policy = subchen_ca_policy x509_extensions = subchen_ca_extensions [ subchen_ca_policy ] commonName = supplied stateOrProvinceName = optional countryName = optional emailAddress = optional organizationName = optional organizationalUnitName = optional [ subchen_ca_extensions ] basicConstraints = CA:false [ req ] default_bits = 2048 default_keyfile = ./ca-key.pem default_md =