Richard Hartmann wrote:
I am replying to myself to clarify somthing which I should have put
better:
I want to run my own CA, not buy certificates from established ones.
You said CA packages, you didn't say something to the effect of
use a retail Certificate Authority. So at least some of us
i want to create intermediate CA from root CA by using openssl.cnf. how to
configure openssl.cnf file for creating intermediate ca which contains all
attributes like root ca which is having obj signing,certificate
revocation...can any body help me
--
View this message in context:
I need to use CBC with ciphertext stealing.
I found the following on Wikipedia:
CBC ciphertext stealing encryption using a standard CBC interface
1. Encrypt the plaintext through the last full block using the standard CBC
mode.
2. Pad the last partial block with the trailing ciphertext of the
Thank you very much for your response , David and Victor. I really
appreciate it.
So could someone guide me with the best practices used in such
scenarios?
Is there a way to securely embed the private key in the installers / CA
certificate?
I guess I'm confused. What purpose would a
This should be good for most purposes. Note the basicConstraints
attribute of pathlen. Unlike the root CA which has no pathlen, the
intermediate has a pathlen of 0.
###
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always
On 20/09/2007, Rodney Thayer [EMAIL PROTECTED] wrote:
That being said the existence of any code that handles that
sort of thing is interesting, since there are so few implementations.
Yes, it seems that everyone who does any real work in this direction
keeps the fruits to themselves :/
If I
Hello out there!
I've got a problem with the OpenSSL-based program TinyCA. I used this nice
GUI-prog to create some certificates. I also created some certificates with
commandline OpenSSL.
Now my problem:
TinyCA show's an nice overview about all certificates in the folder incl.
CommonName,
All,
I'm sure this topic has been broached before, but I cannot seem to find
anything on the mailing list concerning getting core crypto and ssl
compiled for vxworks. I have looked through the main makefile in the
openssl/ directory and the openssl website, but have not found anything
specific
For now, my purpose is not to establish and identity of a server with the
certificate. I plan to use a signed certificate, so that the client can be
sure
that the server indeed holds the private key associated with the
public key
provided by the server in its certificate.
You have a
I have given the command
openssl x509 -req -days 365 -in intermediate.csr -CA root.certkey
-CAcreateserial -out intermediate.crt -extensions usr_cert -extfile
/etc/sll/openssl.cnf
after creating the root CA, the root.certkey is having key and crt files.Is
this command enough for creating the
10 matches
Mail list logo
