Cryptography Tutorials - Tutorial Addendum - OpenSSL - Signing Certificates from Others

wordgamesios racinggamesios musicappsios
 31 December 18:00   




(Continued from antecedent part...)



Viewing Apparatus of Affidavit Signing Request



Here is how to see the apparatus of a affidavit signing request:




>openssl req -in .csr -noout -text -config openssl.cnf


Certificate Request:




Version: 0 (0x0)


Subject: C=CN, ST=PN, L=LN, O=ON, OU=UN, CN= Yang


Accountable Accessible Key Info:


Accessible Key Algorithm: rsaEncryption


RSA Accessible Key: (512 bit)


Modulus (512 bit):












Exponent: 65537 (0x10001)




challengePassword :myreq


Signature Algorithm: md5WithRSAEncryption












Some absorbing addendum here:



  • The appeal is active with my clandestine key. I don t see any charge for this.



  • My "challengePassword" is displayed in apparent text. What s the amount of this password, if every one can see it?






Signing a Affidavit Signing Request



Even admitting I am not a able-bodied accustomed CA, but I can still use OpenSSL to assurance somebody abroad s certificate.


The afterward action shows you how Yang signs John Artisan s certificate:




>echo breeding a key brace for John


>openssl genrsa -out john_rsa.key


Loading awning into accidental accompaniment - done


Generating RSA clandestine key, 512 bit continued modulus






e is 65537 (0x10001)


>echo breeding the affidavit signing appeal for John


>openssl req -new -key john_rsa.key -out john.csr


-config openssl.cnf



You are about to be asked to access advice that will be incorp...


into your affidavit request.


What you are about to access is what is alleged a Acclaimed Name...


There are absolutely a few fields but you can leave some blank


For some fields there will be a absence value,


If you access . , the acreage will be larboard blank.




Country Name (2 letter code) []:CN


State or Arena Name (full name) []:PN


Locality Name (eg, city) []:LN


Organization Name (eg, company) []:ON


Organizational Assemblage Name (eg, section) []:UN


Common Name (eg, YOUR name) []:John Smith


Email Abode []:.


Please access the afterward added attributes


to be beatific with your affidavit request


A claiming countersign []:.


An alternative aggregation name []:.


>echo signing John s appeal with s clandestine key


>openssl x509 -req -in john.csr -CA .crt


-CAkey _rsa_des.key -out john.crt


Loading awning into accidental accompaniment - done


Signature ok


subject=/C=CN/ST=PN/L=LN/O=ON/OU=UN/CN=John Smith


Getting CA Clandestine Key


Enter canyon byword for _rsa_des.key:


>echo searching at John s certificate


>openssl x509 -in john.crt -noout -text






Version: 1 (0x0)


Consecutive Number: 5 (0x5)


Signature Algorithm: md5WithRSAEncryption


Issuer: C=CN, ST=PN, L=CN, O=ON, OU=UN, CN= Yang




Not Before: Jul 17 03:10:39 2002 GMT


Not Afterwards : Aug 16 03:10:39 2002 GMT


Subject: C=CN, ST=PN, L=LN, O=ON, OU=UN, CN=John Smith


Accountable Accessible Key Info:


Accessible Key Algorithm: rsaEncryption


RSA Accessible Key: (512 bit)


Modulus (512 bit):












Exponent: 65537 (0x10001)


Signature Algorithm: md5WithRSAEncryption












This is nice. Now I can assurance anyone s certificate, and become a CA!


All I charge is my RSA key pair, _rsa_des.key, my self-signed certificate, .crt,


and the "x509" command.






In this chapter, we accept abstruse how to accomplish a affidavit signing appeal with the "req",


and how to assurance anyone abroad s affidavit with the "x509" command.





Tags: certificate, signature, subject, screen, certificates, notes, public, signing, tutorial, tutorials

 certificate, openssl, signing, request, public, algorithm, private, subject, notes, md5withrsaencryption, signature, modulus, , public key, 512 bit, certificate signing, private key, rsa des, des key, algorithm md5withrsaencryption, 65537 0x10001, signing request, key 512, signature algorithm, certificate signing request, signature algorithm md5withrsaencryption, key info public, key algorithm rsaencryption, exponent 65537 0x10001, screen into random, certificates from others, tutorial notes openssl, tutorials tutorial notes, notes openssl signing, openssl signing certificates, signing certificates from, cryptography tutorials tutorial,

Share Cryptography Tutorials - Tutorial Addendum - OpenSSL - Signing Certificates from Others:
Digg it!   Google Bookmarks   Yahoo! MyWeb   Furl  Binklist   Reddit!   Stumble Upon   Technorati   Windows Live   Bookmark

Text link code :
Hyper link code:

Also see ...

Article In : Computers & Technology  -  crypto