diff options
Diffstat (limited to 'doc/html/howto.ca.html')
| -rw-r--r-- | doc/html/howto.ca.html | 65 |
1 files changed, 29 insertions, 36 deletions
diff --git a/doc/html/howto.ca.html b/doc/html/howto.ca.html index 7f5bd21..2586215 100644 --- a/doc/html/howto.ca.html +++ b/doc/html/howto.ca.html @@ -1,19 +1,18 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" - "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<!DOCTYPE html> -<html xmlns="http://www.w3.org/1999/xhtml"> +<html> <head> - <meta http-equiv="X-UA-Compatible" content="IE=Edge" /> - <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> + <meta charset="utf-8" /> + <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <title>HOWTO: Creating your own CA with OpenSSL — M2Crypto documentation</title> <link rel="stylesheet" href="_static/alabaster.css" type="text/css" /> <link rel="stylesheet" href="_static/pygments.css" type="text/css" /> - <script type="text/javascript" id="documentation_options" data-url_root="./" src="_static/documentation_options.js"></script> - <script type="text/javascript" src="_static/jquery.js"></script> - <script type="text/javascript" src="_static/underscore.js"></script> - <script type="text/javascript" src="_static/doctools.js"></script> - <script type="text/javascript" src="_static/language_data.js"></script> + <script id="documentation_options" data-url_root="./" src="_static/documentation_options.js"></script> + <script src="_static/jquery.js"></script> + <script src="_static/underscore.js"></script> + <script src="_static/doctools.js"></script> + <script src="_static/language_data.js"></script> <link rel="index" title="Index" href="genindex.html" /> <link rel="search" title="Search" href="search.html" /> @@ -34,16 +33,14 @@ <div class="section" id="howto-creating-your-own-ca-with-openssl"> <span id="howto-ca"></span><h1>HOWTO: Creating your own CA with OpenSSL<a class="headerlink" href="#howto-creating-your-own-ca-with-openssl" title="Permalink to this headline">¶</a></h1> -<table class="docutils field-list" frame="void" rules="none"> -<col class="field-name" /> -<col class="field-body" /> -<tbody valign="top"> -<tr class="field-odd field"><th class="field-name">author:</th><td class="field-body">Pheng Siong Ng <<a class="reference external" href="mailto:ngps%40post1.com">ngps<span>@</span>post1<span>.</span>com</a>></td> -</tr> -<tr class="field-even field"><th class="field-name">copyright:</th><td class="field-body">© 2000, 2001 by Ng Pheng Siong.</td> -</tr> -</tbody> -</table> +<dl class="field-list simple"> +<dt class="field-odd">author</dt> +<dd class="field-odd"><p>Pheng Siong Ng <<a class="reference external" href="mailto:ngps%40post1.com">ngps<span>@</span>post1<span>.</span>com</a>></p> +</dd> +<dt class="field-even">copyright</dt> +<dd class="field-even"><p>© 2000, 2001 by Ng Pheng Siong.</p> +</dd> +</dl> <div class="section" id="introduction"> <h2>Introduction<a class="headerlink" href="#introduction" title="Permalink to this headline">¶</a></h2> <p>This is a HOWTO on creating your own <em>certification authority</em> (<em>CA</em>) @@ -65,12 +62,10 @@ decided to document the process, hence this HOWTO.</p> OpenSSL.</p> <p>The following are the steps to create a CA:</p> <ol class="arabic"> -<li><p class="first">Choose a directory to do your CA work. All commands are executed -within this directory. Let’s call the directory <code class="docutils literal notranslate"><span class="pre">demo</span></code>.</p> -</li> -<li><p class="first">Copy <code class="docutils literal notranslate"><span class="pre">CA.pl</span></code> and <code class="docutils literal notranslate"><span class="pre">openssl.cnf</span></code> into <code class="docutils literal notranslate"><span class="pre">demo</span></code>.</p> -</li> -<li><p class="first">Apply the following patch to <code class="docutils literal notranslate"><span class="pre">CA.pl</span></code>, which allows it to generate a +<li><p>Choose a directory to do your CA work. All commands are executed +within this directory. Let’s call the directory <code class="docutils literal notranslate"><span class="pre">demo</span></code>.</p></li> +<li><p>Copy <code class="docutils literal notranslate"><span class="pre">CA.pl</span></code> and <code class="docutils literal notranslate"><span class="pre">openssl.cnf</span></code> into <code class="docutils literal notranslate"><span class="pre">demo</span></code>.</p></li> +<li><p>Apply the following patch to <code class="docutils literal notranslate"><span class="pre">CA.pl</span></code>, which allows it to generate a CA certificate with a validity period of 1095 days, i.e., 3 years:</p> <div class="highlight-default notranslate"><div class="highlight"><pre><span></span>--- CA.pl.org Sat Mar 31 12:40:13 2001 @@ -87,7 +82,7 @@ CA certificate with a validity period of 1095 days, i.e., </pre></div> </div> </li> -<li><p class="first">Create a new CA like this:</p> +<li><p>Create a new CA like this:</p> <div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="o">./</span><span class="n">CA</span><span class="o">.</span><span class="n">pl</span> <span class="o">-</span><span class="n">newca</span> <span class="n">A</span> <span class="n">certificate</span> <span class="n">filename</span> <span class="p">(</span><span class="ow">or</span> <span class="n">enter</span> <span class="n">to</span> <span class="n">create</span><span class="p">)</span> <span class="o"><</span><span class="n">enter</span><span class="o">></span> @@ -144,7 +139,7 @@ pair is in <code class="docutils literal notranslate"><span class="pre">demoCA/p </pre></div> </div> </li> -<li><p class="first">Next, generate a certificate request:</p> +<li><p>Next, generate a certificate request:</p> <div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="o">./</span><span class="n">CA</span><span class="o">.</span><span class="n">pl</span> <span class="o">-</span><span class="n">newreq</span> <span class="n">Using</span> <span class="n">configuration</span> <span class="kn">from</span> <span class="nn">openssl.cnf</span> @@ -256,7 +251,7 @@ this:</p> </div> </div></blockquote> <ol class="arabic" start="6"> -<li><p class="first">Now, sign the certificate request:</p> +<li><p>Now, sign the certificate request:</p> <div class="highlight-default notranslate"><div class="highlight"><pre><span></span>./CA.pl -sign Using configuration from openssl.cnf @@ -352,7 +347,7 @@ Signed certificate is in newcert.pem </div> </div></blockquote> <ol class="arabic" start="7"> -<li><p class="first">In certain situations, e.g., where your certificate and private key +<li><p>In certain situations, e.g., where your certificate and private key are to be used in an unattended SSL server, you may wish to not encrypt the private key, i.e., leave the key in the clear. This decision should be governed by your site’s security policy and threat @@ -436,17 +431,15 @@ developing SSL and S/MIME applications in </ul> </div> <div id="searchbox" style="display: none" role="search"> - <h3>Quick search</h3> + <h3 id="searchlabel">Quick search</h3> <div class="searchformwrapper"> <form class="search" action="search.html" method="get"> - <input type="text" name="q" /> + <input type="text" name="q" aria-labelledby="searchlabel" /> <input type="submit" value="Go" /> - <input type="hidden" name="check_keywords" value="yes" /> - <input type="hidden" name="area" value="default" /> </form> </div> </div> -<script type="text/javascript">$('#searchbox').show(0);</script> +<script>$('#searchbox').show(0);</script> @@ -463,7 +456,7 @@ developing SSL and S/MIME applications in ©2017, Matej Cepl <mcepl@cepl.eu>. | - Powered by <a href="http://sphinx-doc.org/">Sphinx 1.8.5</a> + Powered by <a href="http://sphinx-doc.org/">Sphinx 3.2.1</a> & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.12</a> | |