hello i thank you very much sir, i'v other question , where i put the name of signature algorithm which i use it to sign a certificate , cause in my config file i put only the MD5 function (but it is a hash function and i can't use it to sign, am i wrong??) in my sslcreat.pl # create request config file (look please the bold underlined ligne ) sub create_ca_config_file {
my ($file) = @_; open TMP, ">$file"; print TMP "[ ca ]\n"; print TMP "default_ca = CA_default\n"; print TMP "[ CA_default ]\n"; print TMP "dir = $ARAN_CA_DIR\n"; print TMP "database = \$dir/index.txt\n"; print TMP "new_certs_dir = \$dir/newcerts\n"; print TMP "certificate = \$dir/cacert.pem\n"; print TMP "serial = \$dir/serial\n"; print TMP "private_key = \$dir/private/cakey.pem\n"; print TMP "RANDFILE = \$dir/private/.rand\n"; print TMP "\n"; print TMP "default_days = $ARAN_CA_DAYS\n"; print TMP "default_crl_days = 30\n"; print TMP "default_md = md5\n"; print TMP "\n"; print TMP "policy = policy_any\n"; print TMP "\n"; print TMP "[ policy_any ]\n"; print TMP "countryName = optional\n"; print TMP "stateOrProvinceName = optional\n"; print TMP "organizationName = optional\n"; print TMP "organizationalUnitName = optional\n"; print TMP "commonName = supplied\n"; print TMP "emailAddress = optional\n"; print TMP "\n"; print TMP "[ req ]\n"; print TMP "default_bits = 1024\n"; print TMP "distinguished_name = req_distinguished_name\n"; print TMP "prompt = no\n"; print TMP "\n"; print TMP "[ req_distinguished_name ]\n"; print TMP "CN = ARAN CA\n"; print TMP "\n"; close TMP; } best regards > Date: Tue, 24 Feb 2009 08:34:54 +0100 > Subject: Re: what it is X509_STORE ? > From: toondel...@gmail.com > To: openssl-users@openssl.org > > It is a certificate memory store where you should put your > certificates (CA, root etc..) of your trusted path that are needed by > your application for signature verifycation. Thjis is also the place > you will put your CRL. > > Have a look at X509_STORE _xxx and X509_load_xxx. functions. You > might also consider using PEM_read_xxx fnuctions for your signing > certificate. > > regards > > Emmanuel > > 2009/2/24 sarym binome <binome_...@hotmail.com>: > > hello > > i try create a X509 certificate for a CA and certificates signed by the CA , > > and i want to check it (verify it) , somebody tell me what it is X509_STORE > > ? > > thanks. > > > > ________________________________ > > Tous vos amis discutent sur Messenger, et vous ? Téléchargez Messenger, > > c'est gratuit ! > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org _________________________________________________________________ Découvrez toutes les possibilités de communication avec vos proches http://www.microsoft.com/windows/windowslive/default.aspx