RE: Create certificates and keys from C/C++
Thank you, but where can I find apps/ca.c, apps/req.c, and apps/x509.c files...I don't have in my computer, but openssl it works. I usually create keys with command: "openssl req -days 3650 -nodes -new -keyout XY.key -out XY.csr -config openssl.cnf". Regards -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Schwartz Sent: mercoledì, 2. maggio 2007 17:58 To: openssl-users@openssl.org Subject: RE: Create certificates and keys from C/C++ > Hi, is there a function or something similar to create keys > and certificates directly from code? > Thank You Yes. There are functions like RSA_generate_key, DSA_generate_key, X509_sign, and so on. It is not a particularly simple thing to do though. Look at the example code in apps/ca.c, apps/req.c, and apps/x509.c, also demos/selfsign.c may be helpful. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Create certificates and keys from C/C++
hi Download the openssl-0.9.8e.tar.gz(or other version) tar ball from ww.openssl.org and uncompress it you will have apps directory in it there u can find all necessary files. Thanks, subbu On 5/4/07, muggiasca <[EMAIL PROTECTED]> wrote: Thank you, but where can I find apps/ca.c, apps/req.c, and apps/x509.c files...I don't have in my computer, but openssl it works. I usually create keys with command: "openssl req -days 3650 -nodes -new -keyout XY.key -out XY.csr -config openssl.cnf". Regards -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Schwartz Sent: mercoledì, 2. maggio 2007 17:58 To: openssl-users@openssl.org Subject: RE: Create certificates and keys from C/C++ > Hi, is there a function or something similar to create keys > and certificates directly from code? > Thank You Yes. There are functions like RSA_generate_key, DSA_generate_key, X509_sign, and so on. It is not a particularly simple thing to do though. Look at the example code in apps/ca.c, apps/req.c, and apps/x509.c, also demos/selfsign.c may be helpful. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] -- with regards Subramanaim Engineer Software SCM Microsytems (INDIA) Pvt. Ltd.
RE: Create certificates and keys from C/C++
Thank you I did it but I think that is too difficult for me without explications of functions and structures and ... There isnt a manual (guide?) or a document about this functions? Regards P.S: Sorry for this stupids questions _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Subramaniam Sent: venerdì, 4. maggio 2007 11:31 To: openssl-users@openssl.org Subject: Re: Create certificates and keys from C/C++ hi Download the openssl-0.9.8e.tar.gz(or other version) tar ball from ww.openssl.org and uncompress it you will have apps directory in it there u can find all necessary files. Thanks, subbu On 5/4/07, muggiasca <[EMAIL PROTECTED]> wrote: Thank you, but where can I find apps/ca.c, apps/req.c, and apps/x509.c files...I don't have in my computer, but openssl it works. I usually create keys with command: "openssl req -days 3650 -nodes -new -keyout XY.key -out XY.csr -config openssl.cnf". Regards -Original Message- From: [EMAIL PROTECTED] [mailto: <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED] On Behalf Of David Schwartz Sent: mercoledì, 2. maggio 2007 17:58 To: openssl-users@openssl.org Subject: RE: Create certificates and keys from C/C++ > Hi, is there a function or something similar to create keys > and certificates directly from code? > Thank You Yes. There are functions like RSA_generate_key, DSA_generate_key, X509_sign, and so on. It is not a particularly simple thing to do though. Look at the example code in apps/ca.c, apps/req.c, and apps/x509.c, also demos/selfsign.c may be helpful. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org <mailto:openssl-users@openssl.org> Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] -- with regards Subramanaim Engineer Software SCM Microsytems (INDIA) Pvt. Ltd.
RE: Create certificates and keys from C/C++
> Thank you > I did it but I think that is too difficult for me without > explications of functions and structures and ... There isnt > a manual (guide?) or a document about this functions? > Regards I would very strongly advice you to find a knowledgeable security expert to assist you. What you are trying to do is simple in principle but complex in implementation and if you do something wrong, things may appear to work but the security you are expecting to get may not actually be there. You cannot just drop a secure library into a project and get a secure result. You have to know exactly what you're doing and what the implications of what you do are. I honestly believe that helping people to just "get it done" in situations like this is harmful. For example, once you get what appears to be a valid certificate, do you know how to analyze every field in the certificate to make sure you actually generated the certificate that does what you expect it to? Do you know how to configure the certificate so that it can't be used for purposes other than those intended? I would recommend you find a web page explaining how to issue certificates with OpenSSL and use the built-in capabilities of the command line tool. If you follow someone else's recipe, you are much less likely to build certificates that don't do the right thing. I would still recommend you get an expert to at least examine one of your certificates (and the process by which you generate requests if you do that too) if this is a "real" application. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: Create certificates and keys from C/C++
> Hi, is there a function or something similar to create keys > and certificates directly from code? > Thank You Yes. There are functions like RSA_generate_key, DSA_generate_key, X509_sign, and so on. It is not a particularly simple thing to do though. Look at the example code in apps/ca.c, apps/req.c, and apps/x509.c, also demos/selfsign.c may be helpful. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
