Cryptography Tutorials - Tutorial Addendum - OpenSSL - Signing Certificates from Others

wordgamesios racinggamesios musicappsios
 31 December 18:00   

    



    



    

(Continued from antecedent part...)

    



    

Viewing Apparatus of Affidavit Signing Request

    



    

Here is how to see the apparatus of a affidavit signing request:

    

 

    

>openssl req -in .csr -noout -text -config openssl.cnf

    

Certificate Request:

    

Data:

    

Version: 0 (0x0)

    

Subject: C=CN, ST=PN, L=LN, O=ON, OU=UN, CN= Yang

    

Accountable Accessible Key Info:

    

Accessible Key Algorithm: rsaEncryption

    

RSA Accessible Key: (512 bit)

    

Modulus (512 bit):

    

00:a9:e6:19:c6:ee:88:01:86:d9:72:9e:93:92:db:

    

57:01:7b:02:84:fc:1e:e3:57:5e:2a:7b:2b:25:9e:

    

bd:ba:c5:95:2c:49:59:28:df:a6:67:86:26:8e:ff:

    

36:cc:3a:84:5c:28:af:6f:11:c8:0c:b5:c2:c5:b9:

    

04:d6:0e:5d:d1

    

Exponent: 65537 (0x10001)

    

Attributes:

    

challengePassword :myreq

    

Signature Algorithm: md5WithRSAEncryption

    

80:be:77:39:65:0f:24:db:70:c1:76:e3:b6:c7:99:a5:c7:af:

    

ae:98:5a:73:98:f8:60:f1:65:08:a9:f7:df:6f:bd:77:aa:f7:

    

bb:0b:f2:0d:71:6e:ad:ee:52:5a:2b:a7:2a:c0:fd:0e:4c:8f:

    

c1:43:18:58:0b:10:03:e0:e5:a3

    



    



    

Some absorbing addendum here:

    



        

  • The appeal is active with my clandestine key. I don t see any charge for this.

        



  •     

  • My "challengePassword" is displayed in apparent text. What s the amount of this password, if every one can see it?

        



  •     



    



    



    

Signing a Affidavit Signing Request

    



    

Even admitting I am not a able-bodied accustomed CA, but I can still use OpenSSL to assurance somebody abroad s certificate.

    

The afterward action shows you how Yang signs John Artisan s certificate:

    

 

    

>echo breeding a key brace for John

    

>openssl genrsa -out john_rsa.key

    

Loading awning into accidental accompaniment - done

    

Generating RSA clandestine key, 512 bit continued modulus

    

..................++++++++++++

    

.++++++++++++

    

e is 65537 (0x10001)

    

>echo breeding the affidavit signing appeal for John

    

>openssl req -new -key john_rsa.key -out john.csr

    

-config openssl.cnf

    



    

You are about to be asked to access advice that will be incorp...

    

into your affidavit request.

    

What you are about to access is what is alleged a Acclaimed Name...

    

There are absolutely a few fields but you can leave some blank

    

For some fields there will be a absence value,

    

If you access . , the acreage will be larboard blank.

    

-----

    

Country Name (2 letter code) []:CN

    

State or Arena Name (full name) []:PN

    

Locality Name (eg, city) []:LN

    

Organization Name (eg, company) []:ON

    

Organizational Assemblage Name (eg, section) []:UN

    

Common Name (eg, YOUR name) []:John Smith

    

Email Abode []:.

    

Please access the afterward added attributes

    

to be beatific with your affidavit request

    

A claiming countersign []:.

    

An alternative aggregation name []:.

    

>echo signing John s appeal with s clandestine key

    

>openssl x509 -req -in john.csr -CA .crt

    

-CAkey _rsa_des.key -out john.crt

    

Loading awning into accidental accompaniment - done

    

Signature ok

    

subject=/C=CN/ST=PN/L=LN/O=ON/OU=UN/CN=John Smith

    

Getting CA Clandestine Key

    

Enter canyon byword for _rsa_des.key:

    

>echo searching at John s certificate

    

>openssl x509 -in john.crt -noout -text

    

Certificate:

    

Data:

    

Version: 1 (0x0)

    

Consecutive Number: 5 (0x5)

    

Signature Algorithm: md5WithRSAEncryption

    

Issuer: C=CN, ST=PN, L=CN, O=ON, OU=UN, CN= Yang

    

Validity

    

Not Before: Jul 17 03:10:39 2002 GMT

    

Not Afterwards : Aug 16 03:10:39 2002 GMT

    

Subject: C=CN, ST=PN, L=LN, O=ON, OU=UN, CN=John Smith

    

Accountable Accessible Key Info:

    

Accessible Key Algorithm: rsaEncryption

    

RSA Accessible Key: (512 bit)

    

Modulus (512 bit):

    

00:d4:a4:be:ce:2d:be:88:56:ef:d3:de:13:15:33:

    

59:84:ea:08:fe:bc:c8:70:93:30:c0:c4:c5:de:e3:

    

65:e8:98:e1:15:12:27:d4:00:69:6e:22:fa:c3:72:

    

4a:75:a6:d8:66:dc:ec:12:f6:92:94:09:3c:3a:61:

    

69:47:99:b3:91

    

Exponent: 65537 (0x10001)

    

Signature Algorithm: md5WithRSAEncryption

    

57:a5:9f:93:8e:f8:69:cd:9b:70:ff:f5:fc:78:e3:f6:da:70:

    

b9:5d:d6:a8:ac:ae:76:41:13:04:99:28:97:55:9b:5e:94:c7:

    

c5:59:26:77:33:cb:67:aa:1c:d5:0e:b7:de:33:73:b1:f6:3a:

    

0b:c2:d9:6a:5b:f1:d1:ab:60:9b

    



    



    

This is nice. Now I can assurance anyone s certificate, and become a CA!

    

All I charge is my RSA key pair, _rsa_des.key, my self-signed certificate, .crt,

    

and the "x509" command.

    



    

Conclusion

    



    

In this chapter, we accept abstruse how to accomplish a affidavit signing appeal with the "req",

    

and how to assurance anyone abroad s affidavit with the "x509" command.

    



    



    

 


Tags: certificate, signature, subject, screen, certificates, notes, public, signing, tutorial, tutorials

 certificate, openssl, signing, request, public, algorithm, private, subject, notes, md5withrsaencryption, signature, modulus, , public key, 512 bit, certificate signing, private key, rsa des, des key, algorithm md5withrsaencryption, 65537 0x10001, signing request, key 512, signature algorithm, certificate signing request, signature algorithm md5withrsaencryption, key info public, key algorithm rsaencryption, exponent 65537 0x10001, screen into random, certificates from others, tutorial notes openssl, tutorials tutorial notes, notes openssl signing, openssl signing certificates, signing certificates from, cryptography tutorials tutorial,

Share Cryptography Tutorials - Tutorial Addendum - OpenSSL - Signing Certificates from Others:
Digg it!   Google Bookmarks   Del.icio.us   Yahoo! MyWeb   Furl  Binklist   Reddit!   Stumble Upon   Technorati   Windows Live   Bookmark

Text link code :
Hyper link code:

Also see ...

Permalink
Article In : Computers & Technology  -  crypto