Generating &installing self signed certs in NS 6.x
Hello. I'm running a small Intranet with various clients (Win32, Linux, Mac OSX). Now, I want to provide access via client certificates which I sign with my own CA. Everything works just fine when generating pkcs12 certifcates which are imported automatically in IE 5.x/6.x on Win 32. However, I can't figure out how to accomplish the import in Netscape 6.x in Linux/OSX. Is there a different format for Netscape certificates? And how are they imported? Would appreciate some kind of detailed howto on the matter but can't find anything in the list archives. Thanks, /Goran __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
How to create client certificate
Hi, all. I wrote a client/server application that uses SSL, and it currently verifies server-side certificate only. Now I'm trying to add client certificate verification. At the beginning, I thought I could just create/verifify client certicate using openssl command just as I did for server certificate, but somehow it's not working. My server program always gives an error message that the client does not have certificate. Could anyone please tell me how to create a client certificate and specific function calls different from the ones used for server side certificate verification? Basically, I used same function calls in both server and client side to verify each other. But it seems that it works only for server-side certificate verification. Thanks in advance and have a great day. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: How to create client certificate
Den 02-02-18 19.09 skrev "Sejin Choi" <[EMAIL PROTECTED]> följande: > But it seems that it works only for server-side certificate > verification. > Thanks in advance and have a great day. Hi. I've just accomplished this by reading the following guide, which is a "hands-on" for client auth. http://www.aboveground.cx/~rjmooney/projects/misc/clientcertauth.html Downside is, that it just covers IE/Win32, I would need to do the same using Netscape 6.x browsers... /Goran __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
How to create client certificate on TCP client not a web browser.
Hi, Goran. Thanks for your tip. I really appreciate it. :) However, my client/server application is not web-browser based. I'm sorry that I didn't clearly state my problem. :( I'm trying to use SSL over regular TCP/IP client/server communication on Linux machine. I successfully verified server-side certificate, but I don't know how to generate/verify client-side certificate for general TCP/IP client. Can any one please help? Göran Fröjdh wrote: > Den 02-02-18 19.09 skrev "Sejin Choi" <[EMAIL PROTECTED]> följande: > > > But it seems that it works only for server-side certificate > > verification. > > Thanks in advance and have a great day. > > Hi. > I've just accomplished this by reading the following guide, which is a > "hands-on" for client auth. > > http://www.aboveground.cx/~rjmooney/projects/misc/clientcertauth.html > > Downside is, that it just covers IE/Win32, I would need to do the same using > Netscape 6.x browsers... > > /Goran > > __ > OpenSSL Project http://www.openssl.org > User Support Mailing List[EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
X.509 V3 Extension field
Is there someone have experience to creat X.509 V3 Extension field for Windows XP use? seems if not provide these field, windowxp will not recognize the certificate as a valid one. any idea is welcome,thanks __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]