Table of Contents
Advertisement
Chapter 10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - SSL certificates - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Chapter 10
C:\certificates\DemoCA\CA\newcerts\01.pem
The file containing the next serial number that will be used for the next certificate to be
signed has been updated:
C:\certificates\DemoCA\CA\serial
The previous version of this file is in:
C:\certificates\DemoCA\CA\serial.old
The file containing the serial numbers and descriptions of all certificates issued by the
certificate authority has been updated with a description of the certificate just issued to
www.company.com:
C:\certificates\DemoCA\CA\index.txt
The previous version of this file is in:
C:\certificates\DemoCA\CA\index.txt.old
Creating a self-
If you decide to use this option, there is no need for a certificate authority. This limits the
effectiveness of the certificate since it is signed using the private key of the server.
signed
For the purposes of this example:
certificate
• the certificate will be requested for the domain name: www.company.com
• the secret password used to protect the key is your_password
1. Open a Windows command-line session.
2. Go to the directory where you installed the certificate tools. This example assumes
3. Execute the command: newselfcert domain_name
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 202 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
c:\certificates.
C:\certificates>newselfcert www.company.com
You will now be prompted for a password
that will protect the new private key.
Loading 'screen' into random state - done
0 semi-random bytes loaded
Generating RSA private key, 1024 bit long modulus
...........................................................................++
+++
+
........++++++
e is 65537 (0x10001)
Enter pass phrase:
your_password
Verifying password - Enter pass phrase: your_password
Re-enter the password for your new private key
(The same you just entered)
Enter pass phrase for www.company.com.key: your_password
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [CA]:
State or Province Name (full name) [Quebec]:
Locality Name (eg, city) [Laval]:
Organization Name (eg, company) [Colubris Networks Inc.]:Company Inc.
Organizational Unit Name (eg, section) [Research & Development]:Department
Your Name []:www.company.com
Email Address [support@colubris.com]:webmaster@company.com
The resulting serf-signed certificate will then be displayed:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=CA, ST=Quebec, L=Laval, O=Company Inc., OU=Department,
CN=www.
company.com/Email=webmaster@company.com
- Quick Links:
- Introduction
- Wireless Radio
- Logging in
- Reset Button
Hide quick links:
Advertisement
Table of Contents
