Len wrote:
>
> Hi,
>
> >
> > I do not understand very well your question.
> > To generate a certificate request (the client) use: openssl req -newkey
> > rsa:1024
> > To sign it and gen the cert. use: openssl ca .....
> >
>
> I guess I don't understand this very well, sorry...
>
> On the client side ssl do I need a key pair for a certificate? When you
> do this from a web browser it creates two keys, public and private. When
> I make a key from openssl it just makes one. I'm lost..
>
Roughly speaking:
The private key includes the public key components. So it doesn't need
to create two separate keys. When it needs to do something with the
public key it can just use the "public key bit" of the private key.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
