Revision [1228]
Last edited on 2007-12-07 04:04:09 by WikiAdminAdditions:
[[JavaKeystoreCert JavaKeystoreCert]]
Revision [1223]
Edited on 2007-12-04 02:11:36 by WikiAdminAdditions:
openssl pkcs12 -export -in x509_cert_file -name cert_alias -inkey private_key -certfile ca_cert -caname ca_name -out pkcs12_file.p12
==Verify CA==
openssl verify -CAfile ca_file certificate_file
==Verify CA==
openssl verify -CAfile ca_file certificate_file
Deletions:
Revision [1162]
Edited on 2007-11-19 21:06:17 by WikiAdminAdditions:
This REALLY sucks - someone obtained a x509 certificate with the sole intention to use it on IBM HTTPServer, which is a total disaster. God knows how IBM transformed the trouble-free Apache into this monster. My advice, even if you're stuck with WebSphere, use the real Apache as the front-end web server.
openssl pkcs12 -export -in x509_cert_file -inkey private_key -certfile ca_cert -out pkcs12_file.p12
If you need to transform PEM formatted certificate into DER encoding, so it can be read by the fucked up IBM Key Manager
openssl -in pem_cert -out der_cert -inform pem -outform der
openssl pkcs12 -export -in x509_cert_file -inkey private_key -certfile ca_cert -out pkcs12_file.p12
If you need to transform PEM formatted certificate into DER encoding, so it can be read by the fucked up IBM Key Manager
openssl -in pem_cert -out der_cert -inform pem -outform der
Deletions:
Revision [653]
Edited on 2007-06-07 00:22:10 by WikiAdminAdditions:
==Matching private key and certificate==
Match the modulus
openssl rsa -noout -in server.key -modulus
openssl x509 -noout -in server.crt -modulus
Match the modulus
openssl rsa -noout -in server.key -modulus
openssl x509 -noout -in server.crt -modulus
Revision [633]
Edited on 2007-06-06 00:06:02 by WikiAdminAdditions:
{{parent page="Security"}}
