hi, The third command will just concatenate the key and certificate in one file. You can open server.pem and verify.
Regards, Akash On Mon, Apr 9, 2012 at 11:23 AM, Mithun Kumar <mithunsi...@gmail.com> wrote: > I am newbie to OpenSSL. I am trying to understand how certificates are > generated. I downloaded the samples and started understanding the * > "Makefile"* that came with the sources. > > Below is my understanding so far > > * $(OPENSSL) req -newkey rsa:1024 -sha1 -keyout serverkey.pem -out > serverreq.pem -config server.cnf -reqexts req_extensions* > Here we are trying to create a RSA private key with Private Key file " > serverkey.pem" and output file "serverreq.pem " > > *$(OPENSSL) x509 -req -in serverreq.pem -sha1 -extfile server.cnf > -extensions certificate_extensions -CA serverCA.pem -CAkey serverCA.pem > -CAcreateserial -out servercert.pem* > Here we are creating a ServerCertificate which has the private key > from serverreq.pem , signed by CA serverCA.pem using CA private key > serverCA.pem > > * $(CAT) servercert.pem serverkey.pem serverCAcert.pem rootcert.pem > > server.pem* > Not shure why we are doing here. > > > Can some one explain me clearly above 3 commands. > Also during Server Authentication , Server sends its certificate to the > client which has the Public Key of the server. Here where is the Public Key > generated? > > Attachment has the MakeFile that i am referring to. > > > -Thanks > mithun > >