Solved

OpenSSL Certificate Signing Request

Posted on 2006-11-14
2
1,586 Views
Last Modified: 2008-01-09
I'm setting up SSL/TLS on my pop3 server and apparently I need a signed certificate.  Ascertia.com offers free certificates but I'm having problems making a certificate request that will work.

Their page states, "Paste a base64 encoded PKCS #10 certificate request or PKCS #7 renewal request generated by an external application (such as a web server) into the request field to submit the request to the certification authority (CA). "

Can someone point me towards a tutorial for using OpenSSL to create a PKCS #10 certificate request?


0
Comment
Question by:phasevar
2 Comments
 
LVL 5

Accepted Solution

by:
rowdy_h earned 500 total points
ID: 17949283
Give this a go
openssl genrsa -out key.pem 1024
openssl req -new -key key.pem -out req.pem

The first generates a key to use in the creation of the request. The second creates the request. The default format is PEM which acording to the site below is
"The DER option uses an ASN1 DER encoded form compatible with the PKCS#10. The PEM form is the default format: it consists of the DER format base64 encoded with additional header and footer lines."

So as you want PKCS #10 base64 encoded this is the right format for you.

Taken from http://www.mkssoftware.com/docs/man1/openssl_req.1.asp
0
 

Author Comment

by:phasevar
ID: 18025893
Thanks!
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello EE, Today we will learn how to send all your network traffic through Tor which is useful to get around censorship and being tracked all together to a certain degree. This article assumes you will be using Linux, have a minimal knowledge of …
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question