HPE Community
Operating System - HP-UX
1753912 Members
8734 Online
108810 Solutions
New Discussion

Problem with certificate - StrongHold CA

 
Diadina Cotte
Advisor

‎06-24-2002 08:31 AM

‎06-24-2002 08:31 AM

Problem with certificate - StrongHold CA

Hi
After generating a key, the certificate request and signing the request as Private CA and having the new certificate created... also after rebooting the system, the StrongHold server keeps saying the certificate is expired.

Also how to I change the PEM cerficate format to DER (netscape) format??

thanks :-(
Coffee please ;-)
0 Kudos
Reply
1 REPLY 1
Knut Eckstein
Advisor

‎07-12-2002 03:20 AM

‎07-12-2002 03:20 AM

Re: Problem with certificate - StrongHold CA

Diadina,

the x509 command, which is part of the openssl suite, should help you with both of your problems:

You can use the x509 command to view the certificate that you just created. Take a good look at the timestamps regarding validity. What happened to me once, was that I generated the cert on a machine whose clock was 1 hour ahead, so the begin of the validity period of the cert was still in the future, when I tried to load it on a machine with a correct clock. Another reason might be that Stronghold does not know your root CA key, did you import the public key of "Private CA" as a "signer's key" into Stronghold? If he does not know the public key of your CA, he cannot validate your signature.

Regarding your second question, x509 can also convert between PEM and DER,
see man x509.

x509 -inform PEM -in mycert.pem -outform DER -out mycert.der should do the trick.

Best regards,

Knut
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.