Oh well decided to read the book. Wow! amazing simply
reading a book can answer all your questions and if
you follow simple rules for building certficates you
can actually build a secure connection. Marvelous.
Very happy. Got a server and client working like a
charm.
Cheers,
Garyc
--- gary clark <[EMAIL PROTECTED]> wrote:
> Hello,
>
> I'm attempting to load a server certificate into a
> server.
>
> I create the certificate using the following:
>
> Generate a CA
> 1) openssl req -out ca.pem -new -x509
> -generates CA file "ca.pem" and CA key
> "privkey.pem"
> Generate server certificate/key pair
> - no password required.
> 2) openssl genrsa -out server.key 1024
> 3) openssl req -key server.key -new -out
> server.req
>
> 4) openssl x509 -req -in server.req -CA CA.pem
> -CAkey privkey.pem -CAserial file.srl -out
> server.pem
> -contents of "file.srl" is a two digit
> number.
> eg. "00"
>
> I have a question concerning the following call:
>
> if
>
(SSL_CTX_use_PrivateKey_file(ctx,PRIVKEY,SSL_FILETYPE_PEM)
> != 1)
> {
> ERR_print_errors_fp(stderr);
> printf("Error loading private key from file");
> }
>
> I'm passing into the PRIVKEY argument server.key?
> When
> I try to pass "privkey.pem" that was generated
> it wants to know the "Enter PEM pass phrase" which I
> entered. It then fails to load the private key from
> the file.
>
> Could somebody be so good to enlighten me on this?
>
> Thanks,
> Garyc
>
>
>
>
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
