Hi,
I would suggest using CSP - a perl wrapper for OpenSSL - to set up your CA:
http://devel.it.su.se/pub/jsp/polopoly.jsp?d=1026&a=3290
You can download the source using CVS (see
http://devel.it.su.se/pub/jsp/polopoly.jsp?d=1025).
CSP is quite easy to use, at least, to get started. Here is the manual:
http://devel.it.su.se/content/1/c4/32/90/cspguide.pdf
It also will create basic web pages for your CA.
Another program for setting up the CA is OpenCA
(http://www.openca.org/), but it is not so easy to configure and run it,
so, if you are a beginner, I think, the first program better suits you.
Hope, this helps.
Best regards,
Arsen.
legolas wrote:
Hi
Thank you for reading my post.
Can some please tell me whether what i think is correct or not and then give
me some help to complete what I am intending to complete?
Each user in a system can have a digital certification.
this digital certifications can be generated using techniques mentioned in
http://www.openssl.org/docs/HOWTO/keys.txt
and
http://www.openssl.org/docs/HOWTO/certificates.txt
There should be some way to give some correctness and make it possible to
trust to certifications that are available in a system, to address this we
should sign them all with a single digital certification which is our CA
certification.
We should keep this CA certification in a safe place and does not allows any
one to use it expect the authorized people.
Now we can provide applications that are available in our system with CA
certification, then they can check any other certification with this unique
key to make sure that they are signed with our own CA key.
My problems are :
- How i can setup the CA?
- How i can sign users DS with our CA digital signature?
Thanks alot.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
