Date: Thu, 21 Jul 2005 13:47:55 -0500 From: Kirk Strauser <kirk@strauser.com> To: freebsd-questions@freebsd.org Subject: Re: frontend for openssl? Message-ID: <200507211347.55633.kirk@strauser.com> In-Reply-To: <Pine.BSO.4.56.0507211117320.30101@ux11.ltcm.net> References: <Pine.BSO.4.56.0507211117320.30101@ux11.ltcm.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart1432229.ltGNcXB3Yk Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Thursday 21 July 2005 04:19, Mipam wrote: > Does there exist a frontend for openssl that can create and sign > certificates bit one that also can create and sign pkcs7 certs? > Maybe something exists to help you create your own certificate authority? Got the system sources? If so, look at /usr/src/crypto/openssl/apps/CA.pl= =20 which sounds like exactly what you want: 1. ./CA.pl -newca # Makes a new CA 2. ./CA.pl -newreq # Generate a certificate signing request 3. ./CA.pl -sign # Sign the request created in step 2 I copied it to /usr/local/bin and edited the "$CATOP" variable to point=20 to /usr/local/etc/mypersonalCA, then edited /etc/ssl/openssl.cnf to refer=20 to the same directory. That way, I don't have to deal with it wanting to=20 use the relative directory "./demoCA" during its operations. =2D-=20 Kirk Strauser --nextPart1432229.ltGNcXB3Yk Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- iD8DBQBC3+3b5sRg+Y0CpvERAktyAJ4kCW+ynZJ1+bQN1JO47BcXtIybaQCeI3Xy RsWN7IN2jWmv6cAgMpHF+Es= =9MUi -----END PGP SIGNATURE----- --nextPart1432229.ltGNcXB3Yk--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200507211347.55633.kirk>