Showing results for 
Search instead for 
Do you mean 

Problem with certificate - StrongHold CA


Problem with certificate - StrongHold CA

After generating a key, the certificate request and signing the request as Private CA and having the new certificate created... also after rebooting the system, the StrongHold server keeps saying the certificate is expired.

Also how to I change the PEM cerficate format to DER (netscape) format??

thanks :-(
Coffee please ;-)

Re: Problem with certificate - StrongHold CA


the x509 command, which is part of the openssl suite, should help you with both of your problems:

You can use the x509 command to view the certificate that you just created. Take a good look at the timestamps regarding validity. What happened to me once, was that I generated the cert on a machine whose clock was 1 hour ahead, so the begin of the validity period of the cert was still in the future, when I tried to load it on a machine with a correct clock. Another reason might be that Stronghold does not know your root CA key, did you import the public key of "Private CA" as a "signer's key" into Stronghold? If he does not know the public key of your CA, he cannot validate your signature.

Regarding your second question, x509 can also convert between PEM and DER,
see man x509.

x509 -inform PEM -in mycert.pem -outform DER -out mycert.der should do the trick.

Best regards,