[3996] in WWW Security List Archive
Certificates with SSLeay -- Please Help !
daemon@ATHENA.MIT.EDU (PAVO)
Thu Jan 16 00:28:31 1997
From: "PAVO" <magnum97@concentric.net>
To: <www-security@ns2.rutgers.edu>
Date: Wed, 15 Jan 1997 22:11:49 -0500
Errors-To: owner-www-security@ns2.rutgers.edu
This is a multi-part message in MIME format.
------=_NextPart_000_01BC0331.1A7446C0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
I am a high school student trying to set up my own server. I just got
SSLeay and configured my own CA. I am having trouble signing the
certificate for the site. I cannot find any documentation on setting up the
INDEX and SERIAL files, and these may be at the root of the problem. I
included my config file. If anyone is willing to help me with this, I will
be very grateful.
Paul Wojcicki
------=_NextPart_000_01BC0331.1A7446C0
Content-Type: application/octet-stream; name="PAVO.conf"
Content-Transfer-Encoding: 7bit
Content-Description: PAVO.conf (CONF File)
Content-Disposition: attachment; filename="PAVO.conf"
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
####################################################################
[ CA_default ]
dir =/ # where everything is kept
certs =/usr # Where the issued certs are kept
crl_dir =/usr # Where the issued crl are kept
database =index.txt # database index file.
new_certs_dir =/ # default place for new certs.
certificate =ca/CA-cert.pem # The CA certificate
serial = usr/serial.txt # The current serial number
crl = usr/crl.pem # The current CRL
private_key = ca/privkey.pem # The private key
RANDFILE = .rand # private random number file
default_days = 365 # how long to certify
default_crl_days = 30 # how long before next CRL
default_md = md5 # which md to use.
# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_match
# For the CA policy
[ policy_match ]
countryName = optional
stateOrProvinceName = optional
organizationName = supplied
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
# For the 'anything' policy
# At this point in time, you must list all acceptable 'object'
# types.
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = supplied
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
####################################################################
[ req ]
default_bits = 1024
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
localityName = Locality Name (eg, city)
organizationName = Organization Name (eg, company)
organizationalUnitName = Organizational Unit Name (eg, section)
commonName = Common Name (the name of your machine)
commonName_max = 64
emailAddress = Email Address
emailAddress_max = 40
------=_NextPart_000_01BC0331.1A7446C0--
