Colubris Networks CN3000 Administrator's Manual page 200

Chapter 10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - SSL certificates - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Chapter 10
At this stage, two files have been created in c:\certificates:
• CompanyCA.key, which contains the private key for your new Certificate Authority.
• CompanyCA.pem, which contains the X.509 certificate for your Certificate Authority's
These two files have been respectively copied into:
C:\certificates\CA\private\CAkey.pem
and
C:\certificates\CA\private\CAcert.pem
Creating the web server certificates
Note: This section demonstrates how to create the equivalent of the noc-client.crt
certificate and www.noc-cn3000.com.pfx described in the section
authentication feature" on page 323
Once you have created the CA certificates, you can use them to create certificates for
your CN3000 or web server.
1. Open a Windows command-line session.
2. Go to the directory where you installed the certificate tools. This example assumes
3. Execute the command: newcert domain_name
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 200 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
25:14:24:93:00:f5:4f:c2:ee:6c:88:35:96:df:20:
80:69:4c:c8:13:df:7c:cc:06:86:c2:bc:30:4a:97:
41:b0:2d:23:33:60:bb:ba:68:5f:26:87:4b:22:14:
f6:3e:99:15:c6:ca:29:0d:c6:20:23:97:78:ae:94:
bb:13:02:ed:96:66:06:40:8a:60:7a:c8:ac:18:5b:
8c:4b:95:26:c2:84:04:e9:a9
Exponent: 65537 (0x10001)
Signature Algorithm: md5WithRSAEncryption
12:4c:98:8d:ed:da:42:5f:d4:d4:83:14:b1:2b:8a:28:a4:90:
30:8f:09:22:47:f5:3c:8d:e2:ae:8d:f6:4e:e9:14:0c:89:26:
f6:0a:92:dc:5a:9b:fc:77:e7:94:33:db:86:93:98:1b:34:37:
3d:5e:06:9e:4d:d9:50:4f:57:b5:3f:d8:06:ad:27:26:a8:5c:
b7:36:e0:10:ae:a2:b3:5a:ed:90:5a:90:85:0f:94:8e:01:55:
7d:e5:69:b1:60:19:9c:68:3b:4c:1c:4b:b7:0b:b5:47:9d:a5:
92:d6:45:df:e4:6a:db:96:af:58:13:88:c2:c2:f9:66:3b:32:
1d:bc
-----BEGIN CERTIFICATE-----
MIICvDCCAiWgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBozELMAkGA1UEBhMCQ0Ex
DzANBgNVBAgTBlF1ZWJlYzEOMAwGA1UEBxMFTGF2YWwxFTATBgNVBAoTDENvbXBh
bnkgSW5jLjETMBEGA1UECxMKRGVwYXJ0bWVudDEoMCYGA1UEAxMfVGVzdC1Pbmx5
IENlcnRpZmljYXRlIEF1dGhvcml0eTEdMBsGCSqGSIb3DQEJARYOY2FAY29tcGFu
eS5jb20wHhcNMDIwMjI3MjE0NjQwWhcNMDMwMjI3MjE0NjQwWjCBozELMAkGA1UE
BhMCQ0ExDzANBgNVBAgTBlF1ZWJlYzEOMAwGA1UEBxMFTGF2YWwxFTATBgNVBAoT
DENvbXBhbnkgSW5jLjETMBEGA1UECxMKRGVwYXJ0bWVudDEoMCYGA1UEAxMfVGVz
dC1Pbmx5IENlcnRpZmljYXRlIEF1dGhvcml0eTEdMBsGCSqGSIb3DQEJARYOY2FA
Y29tcGFueS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMW4/yuCz5M5
65D//iGg3tQ4DK4I89zVUlmAnXJamy3PIuOEyffhmWd7CHRxJRQkkwD1T8LubIg1
lt8ggGlMyBPffMwGhsK8MEqXQbAtIzNgu7poXyaHSyIU9j6ZFcbKKQ3GICOXeK6U
uxMC7ZZmBkCKYHrIrBhbjEuVJsKEBOmpAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEA
EkyYje3aQl/U1IMUsSuKKKSQMI8JIkf1PI3iro32TukUDIkm9gqS3Fqb/HfnlDPb
hpOYGzQ3PV4Gnk3ZUE9XtT/YBq0nJqhctzbgEK6is1rtkFqQhQ+UjgFVfeVpsWAZ
nGg7TBxLtwu1R52lktZF3+Rq25avWBOIwsL5ZjsyHbw=
-----END CERTIFICATE-----
public key.
c:\certificates.
C:\certificates\DemoCA>newcert www.company.com
*** You will now be prompted for a password ***
*** that will protect the new private key.
Loading 'screen' into random state - done
0 semi-random bytes loaded
Generating RSA private key, 1024 bit long modulus
...........++++++
....++++++
e is 65537 (0x10001)
Enter PEM pass phrase: your_password
Verifying password - Enter PEM pass phrase: your_password
*** Re-enter the password for your new private key ***
*** (The same you just entered) ***
Using configuration from openssl.conf
Enter PEM pass phrase:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
.
***
"Test the NOC