HPE Community
Operating System - OpenVMS
1752290 Members
4590 Online
108786 Solutions
New Discussion юеВ

Need a roadmap for certificate generation

 
Richard W Hunt
Valued Contributor

тАО05-23-2007 07:13 AM

тАО05-23-2007 07:13 AM

Need a roadmap for certificate generation

Navigating through unfamiliar territory is never any fun, but the documents I'm reading now came through HP from a Microsoft Origin. That is a double whammy. The only thing that would have made them worse would be if they were originally written in ancient Aramaic and THEN translated to English. (No offense intended to any modern-day speakers of ancient Aramaic.)

We are trying to set up certificates for testing on our OpenVMS 7.3-2 and all I have to go on are the manuals. In case someone wants to tell me RTFM... I HAVE been R'ing TFM but all I do is get lost. Hence the title of the thread. My immediate goal is to generate a couple of certificates I can use to download to a workstation for testing of certificate based connectivity.

OK, so I ran the CDSA$GEN_CERTS routine and found the .CER and .PRI files that were created by it. The catch is that the names don't match up. I'm to the point that I get error 8526 that says, "Can't find private key matching public key." I just generated the keys and it didn't seem to give me the option to generate diddly-squat. OK, what now?

If someone can point me to a roadmap for starting from essentially scratch, I'll RTFM some more with that roadmap in mind. Is there such a thing somewhere that applies to OpenVMS 7.3-2 and TCP/IP 5.4 environment?
Sr. Systems Janitor
0 Kudos
3 REPLIES 3
Ian Miller.
Honored Contributor

тАО05-23-2007 09:55 AM

тАО05-23-2007 09:55 AM

Re: Need a roadmap for certificate generation

Are you using the DCL menu driven certificate tool?
____________________
Purely Personal Opinion
0 Kudos
Richard W Hunt
Valued Contributor

тАО05-24-2007 12:26 AM

тАО05-24-2007 12:26 AM

Re: Need a roadmap for certificate generation

I've used the method described in the volume on CDSA that includes the CDSA$GEN_CERTS script and also the certgen command.

I've also gone into the SSL volume and used the menu-driven tool there.

The CDSA tool runs but gives me errors as noted regarding public/private keys.

The SSL menu tool gives me myriad DCL errors suggesting that a verb was badly defined resulting in a file being improperly opened and as a result I get a humongous loop.

I'm currently working on the theory that my copy of SSL was damaged, so I'm going to try to find a newer copy (or just a different copy) in the Software Product Library kits. Not sure HOW they could have been damaged, but hey, leave no stone unturned, I always say. Besides, if I turn enough stones I'll have a nice collection of rocks to throw at somebody. If I ever figure out who deserves being targeted that way.
Sr. Systems Janitor
0 Kudos
Richard W Hunt
Valued Contributor

тАО12-07-2007 10:00 AM

тАО12-07-2007 10:00 AM

Re: Need a roadmap for certificate generation

I'll open a new thread when we get back to this part of the project. Other priorities have consumed my time since this was first posted.
Sr. Systems Janitor
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.