- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: OpenSSL help required
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-03-2006 05:55 PM
тАО05-03-2006 05:55 PM
OpenSSL help required
I m very new to SSl and I have been asked to setup a client server communication using SSL.
I m trying to write my program using openssl libraries .
MY questions are on the certificate generation using open ssl.
What is the procedure to generate certificate ?
DO we have to write seperate code to generate certificate ?
Do client and server need seperate certificates?
Do we have to always generate certificate or if we can use the same certificate always ?
I know that these questions are very basic one.
but I m completely ignorant about SSL.
ANy help will be greatly appreciated .
Regards
Binu
- Tags:
- certificate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-03-2006 06:06 PM
тАО05-03-2006 06:06 PM
Re: OpenSSL help required
Q) What is the procedure to generate certificate ?
A) You can use "openssl" utility to generate certificates.
Example : openssl req -new -x509 -extensions v3_ca -keyout \
private/cakey.pem -out cacert.pem -days 365 -config ./openssl.cnf
Q) DO we have to write seperate code to generate certificate ?
A) You can use Openssl tool for this. No need to write separate app.
Q)Do client and server need seperate certificates?
A) It depends on which way you prefer.
Q) Do we have to always generate certificate or if we can use the same certificate always ?
A) You can use the same certificate till it expries.
Some links,
http://www.openssl.org
http://www.flatmtn.com/computer/Linux-SSLCertificates.html#SSLCert-5
http://www.pseudonym.org/ssl/ssl_cook.html
-Arun
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-03-2006 06:11 PM
тАО05-03-2006 06:11 PM
Re: OpenSSL help required
What is the procedure to generate certificate ?
http://www.google.com/url?sa=t&ct=res&cd=1&url=http%3A%2F%2Fslacksite.com%2Fapache%2Fcertificate.html&ei=45pZRMG5LsnGwQG6yNHKBw&sig2=MzD6HnS94MgF19R7hhXpwg
Certificate cookbook:
http://www.google.com/url?sa=t&ct=res&cd=2&url=http%3A%2F%2Fwww.pseudonym.org%2Fssl%2Fssl_cook.html&ei=45pZRMG5LsnGwQG6yNHKBw&sig2=eHMRagkDe5-04R-bZkt2-A
DO we have to write seperate code to generate certificate ?
No.
Do client and server need seperate certificates?
Client needs nothing. They will be prompted to accept the server certificate at first login, depending on connection method.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-03-2006 06:22 PM
тАО05-03-2006 06:22 PM
Re: OpenSSL help required
SOme more doubts .
I didnt understand what you meant by expiry of the certificate .
Also i m still confused about the certificate generation .
The example whch you have given is to be done from our code???
Please remember that I m not using https .
I m trying to implement a client -server socket communication
Binu
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-03-2006 06:26 PM
тАО05-03-2006 06:26 PM
Re: OpenSSL help required
Please note that I dont have any apache or some thing like that .
I have to implement SSL using C++
Regards
Binu
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-03-2006 06:34 PM
тАО05-03-2006 06:34 PM
Re: OpenSSL help required
Q) I didnt understand what you meant by expiry the certificate .
When you generate a certificate, openssl req -new -x509 -extensions v3_ca -keyout \
private/cakey.pem -out cacert.pem -days 365 -config ./openssl.cnf
You specify "-days". In this example, i have given expiry as "365" days. You can specify your own time. Note that, ceriticate will expire after one year and you need to re-generate it.
Also i m still confused about the certificate generation .
The example whch you have given is to be done from our code???
Yes, you can create with any C/C++ program using Openssl utility.
-Arun
P.S Remember to assign points.