Can the same process be duplicated without going commercial? I need a certificate that doesn't use a FQDN for the common name and I haven't found a commercial one that allows that.
That is my other alternative. If there's a commercial one I can buy that can have a common name without a . in it OR build a cert from a CSR without using the private key that generated the CSR I'll take it. I don't have access to the private key that goes with the CSR. This is just for a secure management page that is not public. The device that generated it's own certificate doesn't work with Firefox, but it does with I.E. Ideas? Thanks, Chuck You cannot self-sign a certificate without the private key file. The private key file is the thing which allows the signature to be created, the public key (in the certificate) is the thing which allows the signature to be verified. Commercial SSL certificates don't require *your* private key file -- they require (and use) their own private key, which is usually stored on a smart card or something with a higher level of security than a filesystem. (Their public keys, which go with their private keys, are distributed in the form of root certificates.) -Kyle H -- View this message in context: http://www.nabble.com/self-signed-cert-without-private-key-file-tp22609395p22621760.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org