Cryptography Tutorials - Tutorial Addendum - OpenSSL - Signing Certificates from Others

wordgamesios racinggamesios musicappsios
 31 December 18:00   

    



    



    



    

This affiliate describes:

    



        



  •     

    Why Certificates Charge to Be Active by CAs?

        



  •     



  •     

    Generating a Affidavit Signing Appeal for Your Own Accessible Key

        



  •     



  •     

    Viewing Apparatus of Affidavit Signing Request

        



  •     



  •     

    Signing a Affidavit Signing Request

        



  •     



    



    



    

Why Certificates Charge to Be Active by CAs?

    



    

In the antecedent chapter, we abstruse how to put your own accessible key in

    

a affidavit and assurance it by your own clandestine key to create it as a self-signed

    

certificate.

    



    

Of course, you can forward your self-signed affidavit to your advice

    

partner and alpha to use it to encrypt the advice data.

    

However, this alone works if your advice accomplice knows you and trusts

    

your agenda signature.

    



    

In the case area you advice accomplice can not assurance you directly, what you

    

can do is to forward your accessible key to a affidavit ascendancy (CA) and ask them to assurance it

    

for you. To do this, you charge to put your accessible key into a affidavit signing appeal

    

(CSR), and mail it to a CA. The CA will verify the appeal and put your accessible key

    

in a affidavit and assurance it with CA s clandestine key.

    



    

When your accomplice receives your accessible key active by a CA, he can validate the signature

    

with the CA s accessible key. If the validation is ok, he can then assurance your accessible key.

    



    

Here is a simple diagram that illustrates the affidavit signing and validation process:

    

 

    

Your accessible key

    

You ---- Affidavit signing appeal ---> CA

    

| |

    

| |Sign

    

| |

    

Your accessible key + CA signature | v

    

You <----- Affidavit active by CA --------

    

| |

    

|Send |Send

    

| |

    

v CA s accessible key v

    

Partner <-- Self-signed affidavit ------

    

|

    

|Verify your affidavit with CA s accessible key

    

|to assurance your accessible key in the certificate

    

|

    

v

    

OK

    



    



    



    

Generating a Affidavit Signing Appeal for Your Own Accessible Key

    



    

In adjustment to forward your accessible key to a CA for signing, you charge to put the accessible key

    

in a book alleged affidavit signing appeal (CSR). Actuality is how to use the "req"

    

command to do this:

    

 

    

>openssl req -new -key _rsa_des.key -out .csr

    

-config openssl.cnf

    

Enter canyon byword for _rsa_des.key:

    

You are about to be asked to access advice that will be incorp...

    

into your affidavit request.

    

What you are about to access is what is alleged a Acclaimed Name...

    

There are absolutely a few fields but you can leave some blank

    

For some fields there will be a absence value,

    

If you access . , the acreage will be larboard blank.

    

-----

    

Country Name (2 letter code) []:CN

    

State or Arena Name (full name) []:PN

    

Locality Name (eg, city) []:LN

    

Organization Name (eg, company) []:ON

    

Organizational Assemblage Name (eg, section) []:UN

    

Common Name (eg, YOUR name) []: Yang

    

Email Abode []:.

    

Please access the afterward added attributes

    

to be beatific with your affidavit request

    

A claiming countersign []:myreq

    

An alternative aggregation name []:

    

>type .csr

    

-----BEGIN Affidavit REQUEST-----

    

MIIBETCBvAIBADBXMQswCQYDVQQGEwJDTjELMAkGA1UECBMCUE4xCzAJBgNVBAcT

    

AkNOMQswCQYDVQQKEwJPTjELMAkGA1UECxMCVU4xFDASBgNVBAMTC0hlcm9uZyBZ

    

YW5nMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKnmGcbuiAGG2XKek5LbVwF7AoT8

    

HuNXXip7KyWevbrFlSxJWSjfpmeGJo7/Nsw6hFwor28RyAy1wsW5BNYOXdECAwEA

    

AaAAMA0GCSqGSIb3DQEBBAUAA0EALE+d7H514HyQXu2CgwXYDvqZRngFLZFdGxQN

    

6AtEXXV+eC2c+URNBcmoF3oghJdPqZv7D1nZ7EBf20XSWzioQA==

    

-----END Affidavit REQUEST-----

    



    



    

Note that the affidavit is aswell adored in an encoded architecture alleged PEM.

    

(Continued on next part...)

    



    

 


Tags: certificate, called, partner, communication, certificates, notes, public, signing, tutorial, tutorials

 certificate, public, signing, request, signed, partner, communication, certificates, openssl, called, , public key, certificate signing, signing request, certificate request, communication partner, signed certificate, own public, send your, certificate signing request, certificates from others, send your public, signing certificates from, openssl signing certificates, tutorials tutorial notes, tutorial notes openssl, notes openssl signing, cryptography tutorials tutorial,

Share Cryptography Tutorials - Tutorial Addendum - OpenSSL - Signing Certificates from Others:
Digg it!   Google Bookmarks   Del.icio.us   Yahoo! MyWeb   Furl  Binklist   Reddit!   Stumble Upon   Technorati   Windows Live   Bookmark

Text link code :
Hyper link code:

Also see ...

Permalink
Article In : Computers & Technology  -  crypto