| 1 |
Daniel, such a detailed explanation! I am grateful for all of this! |
| 2 |
|
| 3 |
Yours, |
| 4 |
Buffalo |
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
2007/3/29, Daniel Iliev <danny@××××××××.com>: |
| 9 |
> |
| 10 |
> Buffalo Dickens wrote: |
| 11 |
> > Many thanks Rumen! Actually I came across many error notifications |
| 12 |
> > during self certificate generation under Windows 2003 with openssl. As |
| 13 |
> > this is the gentoo maillist, I will not and should not paste the |
| 14 |
> > detailed error messages here:) |
| 15 |
> > |
| 16 |
> > So I just want to bypass this step under Win, letting linux take this |
| 17 |
> > task over. I do not know whether there will be some underlying |
| 18 |
> > conflict in doing this. |
| 19 |
> > |
| 20 |
> > Also, I will study what you provide me carefully. Thanks a lot! |
| 21 |
> > |
| 22 |
> > -- |
| 23 |
> > You will when you BELIEVE. |
| 24 |
> > Buffalo Dickens |
| 25 |
> > |
| 26 |
> > |
| 27 |
> > |
| 28 |
> > 2007/3/29, Rumen Yotov <rumen@××××××.org <mailto:rumen@××××××.org>>: |
| 29 |
> > |
| 30 |
> > On Thu, 29 Mar 2007 15:44:20 +0800 |
| 31 |
> > "Buffalo Dickens" < zwmaillist@×××××.com |
| 32 |
> > <mailto:zwmaillist@×××××.com>> wrote: |
| 33 |
> > |
| 34 |
> > > Hi all! I am not familiar with openssl at all. Here I got a |
| 35 |
> problem. |
| 36 |
> > > My Windows 2003 can not (or I can not) accomplish the task of |
| 37 |
> > > generating a private key file and a csr file. That holds up my |
| 38 |
> > > process of going on with authentication between it and other host |
| 39 |
> > > servers. |
| 40 |
> > > |
| 41 |
> > > I wonder if gentoo linux is able to help finish this step for Win? |
| 42 |
> I |
| 43 |
> > > mean, using openssl under gentoo to generate a whole set of |
| 44 |
> private |
| 45 |
> > > key and certificate and transferring them to Win host for its use. |
| 46 |
> I |
| 47 |
> > > do not know whether that is feasible. Any suggestion will be |
| 48 |
> > > appreciated! Thank you! |
| 49 |
> > > |
| 50 |
> > Hi, |
| 51 |
> > |
| 52 |
> > IMO any linux can do this, you only need openssl (which is BTW also |
| 53 |
> > available for Windows, IIRC). |
| 54 |
> > Google for the concrete commands (generate a self-signed |
| 55 |
> certificate). |
| 56 |
> > Or better try "openca.org <http://openca.org>" to do the work for |
| 57 |
> > you ;) |
| 58 |
> > HTH. Rumen |
| 59 |
> > -- |
| 60 |
> > gentoo-user@g.o <mailto:gentoo-user@g.o> mailing list |
| 61 |
> > |
| 62 |
> > |
| 63 |
> > |
| 64 |
> |
| 65 |
> Assuming you want to enable SSL on your Windows Web Server (IIS) you |
| 66 |
> might try this: |
| 67 |
> |
| 68 |
> 1) Generate Cert. Authority on the Gentoo Box: |
| 69 |
> |
| 70 |
> openssl genrsa -des3 -out CA.key 1024 |
| 71 |
> |
| 72 |
> (import CA.crt in all the clients in order to make them recognize the CA |
| 73 |
> and accept the certificates signed by it) |
| 74 |
> |
| 75 |
> 2) Create Cert. Request (Windows Box): |
| 76 |
> - Open the Internet Manager |
| 77 |
> - Select the site you want to create a key for |
| 78 |
> - Right-click >> Properties |
| 79 |
> - Select "Directory Security" |
| 80 |
> - Go to "Server Certificate" |
| 81 |
> - Follow the steps and create a New CSR |
| 82 |
> - Save your CSR as "new.csr" |
| 83 |
> - Transfer it to the Gentoo box |
| 84 |
> |
| 85 |
> 3) Sign the CSR on the Gentoo box: |
| 86 |
> |
| 87 |
> openssl x509 -req -days 365 -in new.csr -CA CA.crt -CAkey CA.key |
| 88 |
> -CAcreateserial -out new.crt |
| 89 |
> |
| 90 |
> 4) Transfer the signed cert. back to the Windows Box and install it: |
| 91 |
> |
| 92 |
> - Open the Internet Manager |
| 93 |
> - Select the site you requested a certif. for |
| 94 |
> - Right-click >> properties |
| 95 |
> - Go to "Directory Security" tab |
| 96 |
> - Choose "Server Certificate" |
| 97 |
> - Choose that you want to complete the pending request |
| 98 |
> - Select the .crt file that you transferred from the Gentoo box |
| 99 |
> |
| 100 |
> |
| 101 |
> HTH |
| 102 |
> |
| 103 |
> -- |
| 104 |
> Best regards, |
| 105 |
> Daniel |
| 106 |
> |
| 107 |
> |
| 108 |
> -- |
| 109 |
> gentoo-user@g.o mailing list |
| 110 |
> |
| 111 |
> |
| 112 |
|
| 113 |
|
| 114 |
-- |
| 115 |
You will when you BELIEVE. |
| 116 |
Buffalo Dickens |
Archives