how to generate an authoritive CA Certificate?
hello,everybody: Glad to talk to you!I happen to be a learner,so,if I have some problems let you feel bad,patient to me,please! When I constructed my web station through apache,I met with some problems! I made theCA Certificate by myself,and issued a server.crtfor my web server using this CA,but I foundan unexpected warning happened when I tried to connect my apache server through MSIEnetscape.Thereis a warning message which says my certificate is not issued by Trusted CA. I thinkthe CAgenerated by myselfmust be have some problems.My question is:canguys make CA by themselves? If so,the steps I generate my CA are: 1.create a RSA private key for my CA: $openssl genrsa -des3 -out ca.key 1024 2.create a self-signed CA Certificate (X509 structure) with the RSA key of the CA. $openssl req -new -x509 -day 365 -key ca.key -out ca.crt 3.sign the certificate of my server using sign.sh provided by mod_ssl/pkg.contrib/ $sign.sh server.csr Then I got my server.crt issued by my CA Certificate. Is there any problems during the process I generate CA? Any help are appreciated!:) zhaoxd
how to generate an authoritive CA Certificate?
hello,everybody: Glad to talk to you!I happen to be a learner,so,if I have some problems let you feel bad,patient to me,please! When I constructed my web station through apache,I met with some problems! I made theCA Certificate by myself,and issued a server.crtfor my web server using this CA,but I foundan unexpected warning happened when I tried to connect my apache server through MSIEnetscape.Thereis a warning message which says my certificate is not issued by Trusted CA. I thinkthe CAgenerated by myselfmust be have some problems.My question is:canguys make CA by themselves? If so,the steps I generate my CA are: 1.create a RSA private key for my CA: $openssl genrsa -des3 -out ca.key 1024 2.create a self-signed CA Certificate (X509 structure) with the RSA key of the CA. $openssl req -new -x509 -day 365 -key ca.key -out ca.crt 3.sign the certificate of my server using sign.sh provided by mod_ssl/pkg.contrib/ $sign.sh server.csr Then I got my server.crt issued by my CA Certificate. Is there any problems during the process I generate CA? Any help are appreciated!:) zhaoxd