gnutls-serv: create client & proxy too.

author: Simon Josefsson <simon@josefsson.org> 2007-02-08 13:17:41 +0000
committer: Simon Josefsson <simon@josefsson.org> 2007-02-08 13:17:41 +0000
commit: be37a21e40636d070573b55aef72d94c0f29f3c9 (patch)
tree: d1eb100d1cdb820cfa3c1226dd73f6ec154bd23f
parent: 04862744e98cccf9793401326c11ab733de49ace (diff)
download: gnutls-be37a21e40636d070573b55aef72d94c0f29f3c9.tar.gz
1 files changed, 27 insertions, 0 deletions
diff --git a/doc/gnutls.texi b/doc/gnutls.texi
index 3f2e42a779..6554a0b72a 100644
--- a/doc/gnutls.texi
+++ b/doc/gnutls.texi
@@ -2406,6 +2406,33 @@ certtool --generate-certificate --load-privkey x509-server-key.pem \
 ...
 @end example
 
+For use in the client, you may want to generate a client certificate
+as well.
+
+@example
+certtool --generate-privkey > x509-client-key.pem
+echo 'cn = GnuTLS test client' > client.tmpl
+echo 'tls_www_client' >> client.tmpl
+echo 'encryption_key' >> client.tmpl
+echo 'signing_key' >> client.tmpl
+certtool --generate-certificate --load-privkey x509-client-key.pem \
+  --load-ca-certificate x509-ca.pem --load-ca-privkey x509-ca-key.pem \
+  --template client.tmpl --outfile x509-client.pem
+...
+@end example
+
+For icing, we'll create a proxy certificate for the client too.
+
+@example
+certtool --generate-privkey > x509-proxy-key.pem
+echo 'cn = GnuTLS test client proxy' > proxy.tmpl
+certtool --generate-proxy --load-privkey x509-proxy-key.pem \
+  --load-ca-certificate x509-client.pem --load-ca-privkey x509-client-key.pem \
+  --load-certificate x509-client.pem --template proxy.tmpl \
+  --outfile x509-proxy.pem
+...
+@end example
+
 Then start the server again:
 
 @example
author	Simon Josefsson <simon@josefsson.org>	2007-02-08 13:17:41 +0000
committer	Simon Josefsson <simon@josefsson.org>	2007-02-08 13:17:41 +0000
commit	be37a21e40636d070573b55aef72d94c0f29f3c9 (patch)
tree	d1eb100d1cdb820cfa3c1226dd73f6ec154bd23f
parent	04862744e98cccf9793401326c11ab733de49ace (diff)
download	gnutls-be37a21e40636d070573b55aef72d94c0f29f3c9.tar.gz