Cryptography Tutorials - Tutorial Addendum - OpenSSL - Acceptance Aisle and Validation

arcadegamesios financeappsios strategygamesios
 31 December 18:00   

    



    



    



    

This affiliate describes:

    



        



  •     

    What Is a Acceptance Path?

        



  •     



  •     

    Certification Aisle Validation

        



  •     



  •     

    Certification Aisle Testing with OpenSSL

        



  •     



    



    



    

What Is a Acceptance Path?

    



    

Certification Path: Aswell alleged Affidavit Chain. An ordered account of certificates area the accountable article

    

of one affidavit is identical to the arising article of the next certificate.

    



    

A acceptance aisle can aswell be authentic as an ordered account of certificates area the arising article of one certificate

    

can be articular as the accountable article of the antecedent certificate. But the first affidavit has to be a appropriate one,

    

because there is no antecedent affidavit to analyze the arising entity. The first affidavit haveto be a self-signed

    

certificate, area the arising article is the aforementioned as the accountable entity.

    



    

For example, the afterward diagram shows you a acceptance path:

    

 

    

Certificate 1

    

Issuer: Yang

    

Subject: Yang

    

Certificate 2

    

Issuer: Yang

    

Subject: John Smith

    

Certificate 3

    

Issuer: John Smith

    

Subject: Bill White

    

Certificate 4

    

Issuer: Bill White

    

Subject: Tom Bush

    



    



    



    

Certification Aisle Validation

    



    

A acceptance aisle needs to be validated. Actuality are the validation rules:

    



        

  • The first affidavit haveto be self-signed. Its issuer haveto be accustomed as a affidavit ascendancy (CA).

        



  •     

  • The issuer of any certificate, except the first one, haveto be "identical" to the accountable of the antecedent certificate.

        



  •     

  • "identical" agency that issuer s agenda signature can absolute by the accountable s accessible key in the antecedent certificate.

        



  •     



    



    

OpenSSL offers a nice tool, the "verify" command, to validate a acceptance path. Actuality is the syntax of the

    

"verify" command:

    



    

verify -CAfile first.crt -untrusted all_middle.crt last.crt

    



    



        

  • "first.crt" is the first affidavit of the path. It should be self-signed certificate.

        



  •     

  • "last.crt" is the endure affidavit of the path.

        



  •     

  • "all_middle.crt" is a accumulating of all average certificates. If certificates are abundance in PEM format, you can

        

    join them into a accumulating in any argument editor.

        



  •     



    



    



    

Certification Aisle Testing with OpenSSL

    



    

Here is a Testing book I followed to accomplish some certificates with altered issuers and subjects.

    

See antecedent addendum if you accept agitation breeding keys and signing certificates.

    



    

1. Breeding a self-signed affidavit for , .crt:

    

 

    

>echo Breeding keys for

    

>openssl genrsa -des3 -out _rsa.key

    

...

    

>echo Breeding a self-signed affidavit for

    

>openssl req -new -key _rsa.key -x509 -out .crt

    

-config openssl.cnf

    

...

    



    

(Continued on next part...)

    



    

 


Tags: certificate, testing, subject, certificates, notes, certification, issuer, tutorial, tutorials

 certificate, certification, subject, issuer, entity, openssl, certificates, signed, previous, generating, issuing, middle, validation, verify, notes, identical, testing, , certification path, signed certificate, previous certificate, issuing entity, subject entity, path certification path, path testing with, issuer yang subject, certification path certification, openssl certification path, tutorials tutorial notes, tutorial notes openssl, notes openssl certification, cryptography tutorials tutorial,

Share Cryptography Tutorials - Tutorial Addendum - OpenSSL - Acceptance Aisle and Validation:
Digg it!   Google Bookmarks   Del.icio.us   Yahoo! MyWeb   Furl  Binklist   Reddit!   Stumble Upon   Technorati   Windows Live   Bookmark

Text link code :
Hyper link code:

Also see ...

Permalink
Article In : Computers & Technology  -  crypto