> Sarath Chandra M wrote:
>
> Hi,
> I have a requirement like this. Users/clients will access a web site,
> fill in a form, generate a keypair and send it to
> server. the csr is done at the server. client cert is created in the
> server and sent back thru email. Is this a proper
> approach ? If so, I would like to get some help in constructing the
> setup. I have openssl ready and working. Only
> thing is web (site) interface for the html form. Also, how to generate
> the keypair at the client (browser) ? I cant
> find that certenr3.dll. Is there any other java/javascript program to
> do it without depending on microsoft dlls ?
> Any help will be highly appreciated. First I would like to try
> generating key pair with just a html page in Win2K.
>
You use Xenroll, info on MS site new MS OSes have Xenroll installed as
standard. The CSR must be created on the client (which is what Xenroll
can do) because only it has access to the private key.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Gemplus: http://www.gemplus.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
