[EMAIL PROTECTED] [SMTP:[EMAIL PROTECTED]]
Sent: Thursday, April 04, 2002 12:43 AM
To: [EMAIL PROTECTED]
Subject:Re: Creating client certificates ?
[EMAIL PROTECTED] wrote:
>
> Hello modssl users !
>
> I managed to set up an ssl aware web server.
> Although I searched the
here is what i did to generate client sertificates. be aware of the
clientakey.pem and clienta.pem are two different files.
1. openssl req -new -out clienta.csr -keyout clientakey.pem
Enter the details for the certificate, i.e common name being the
client/employee, \
"Joe Bloggs".
2. openssl
On Thu, Apr 04, 2002 at 01:43:05AM +0200, [EMAIL PROTECTED] wrote:
> My question is: How can I create client (!) certificates for
> client authentication to the server and not
> server certificates ?!
There is a nice example script called cca.sh in the mo
[EMAIL PROTECTED] wrote:
>
> Hello modssl users !
>
> I managed to set up an ssl aware web server.
> Although I searched the web and also the list
> archive I haven't been able to create a client
> certificate which is signed by my own CA for
> client authentication.
>
> Could someone describe
[EMAIL PROTECTED] wrote:
>
> Hello modssl users !
>
> I managed to set up an ssl aware web server.
> Although I searched the web and also the list
> archive I haven't been able to create a client
> certificate which is signed by my own CA for
> client authentication.
>
> Could someone describe
>> [...]
>> 2.removed nscerttype=ssICA
>> 3.remove nscerttype=client
>> [...]
>
>What are the reasons?
I found that if I did not do this then I could the certificates would not
work properly. After more examination I have started to commented out
nscerttype for CA certificate I generati
On Tue, Jul 27, 1999, Arend van der Veen wrote:
> [...]
> 2.removed nscerttype=ssICA
> 3.remove nscerttype=client
> [...]
What are the reasons?
Ralf S. Engelschall
[EMAIL PROTECTED]
There is a file included in mod_ssl.../pkg.contrib called cca.sh. I was
able to generate a CA. Server Certificate, and Client Certificates using
this. I had to make the following changes:
1.Set days for CA certificate to 5 years
2.removed nscerttype=ssICA
3.remove nscerttype=client