Difference between revisions of "TLS"
From Vague Hope Wiki
(Created page with "== Examine == <pre> openssl x509 -text -in client.pem openssl rsa -text -in client.pem openssl crl -text -in cacrl.pem </pre>") |
|||
Line 4: | Line 4: | ||
openssl rsa -text -in client.pem | openssl rsa -text -in client.pem | ||
openssl crl -text -in cacrl.pem | openssl crl -text -in cacrl.pem | ||
+ | </pre> | ||
+ | |||
+ | == demoCA == | ||
+ | <pre> | ||
+ | /usr/lib/ssl/misc/CA.sh -newca | ||
+ | /usr/lib/ssl/misc/CA.sh -newreq | ||
+ | /usr/lib/ssl/misc/CA.sh -sign | ||
+ | openssl pkcs12 -export -in ca/cacert.pem -inkey ca/private/cakey.pem -out file.p12 -name "Client Certificate" | ||
+ | echo 01 > demoCA/crlnumber | ||
+ | openssl ca -revoke client.pem -keyfile demoCA/private/cakey.pem -cert demoCA/cacert.pem | ||
+ | openssl ca -gencrl -keyfile demoCA/private/cakey.pem -cert demoCA/cacert.pem -out cacrl.pem -crldays 30 | ||
</pre> | </pre> |
Revision as of 11:32, 24 April 2012
Examine
openssl x509 -text -in client.pem openssl rsa -text -in client.pem openssl crl -text -in cacrl.pem
demoCA
/usr/lib/ssl/misc/CA.sh -newca /usr/lib/ssl/misc/CA.sh -newreq /usr/lib/ssl/misc/CA.sh -sign openssl pkcs12 -export -in ca/cacert.pem -inkey ca/private/cakey.pem -out file.p12 -name "Client Certificate" echo 01 > demoCA/crlnumber openssl ca -revoke client.pem -keyfile demoCA/private/cakey.pem -cert demoCA/cacert.pem openssl ca -gencrl -keyfile demoCA/private/cakey.pem -cert demoCA/cacert.pem -out cacrl.pem -crldays 30