EldoS | Feel safer!

Software components for data protection, secure storage and transfer

How to generate CA certificate, and test certificate

Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.
Posted: 09/14/2006 06:15:52
by Santiago Castaño (Standard support level)
Joined: 04/16/2006
Posts: 155


I'm trying to generate a CA certificate and a test certificate using Eldos Certificate sample.

FOR CA in Openssl, i do:
openssl genrsa -des3 -out keys/ca.key 1024
openssl req -config openssl.conf -new -x509 -days 1001 -key keys/ca.key -out certs/ca.cer

After having a CA, i see that in the sample, i can choose Certificate->New Certificate->Certificate signed by CA.

The problem then is generating a CA own sample certificate. I choose Certificate->Generate Certificate Signing Request but it generates a .crq but not a .cer.

How can i do it? what changes do i have to make to generate certificate signing request demo to make a CA certificate?

Many thanks
Posted: 09/14/2006 06:28:46
by Eugene Mayevski (Team)

CA certificate is a self-signed certificate with key usage set to Sign other certificates. So you just need to generate the self-signed certificate. You can download and use Crypto4 PKI for easier generation of the certificates.

Sincerely yours
Eugene Mayevski
Posted: 09/14/2006 10:38:09
by Santiago Castaño (Standard support level)
Joined: 04/16/2006
Posts: 155

Many thanks for the answer, :p.

I'm facing now another strange problem:
- I'm generating my certificates, and on my program, they're seen OK; but in Windows XPsp2, subject and issuer are unknown; and in details, The Issuer is for example:
E = 1a 0d 63 61 6b 73 69 40 6b 73 69 2e 63 6f 6d
CN = 1a 05 43 41 4b 53 49
OU = 1a 03 4b 53 49
O = 1a 03 4b 53 49
L = 1a 05 47 69 6a f3 6e
S = 1a 08 41 73 74 75 72 69 61 73
C = 1a 02 45 53

I'm using:
Cert.IssuerRDN.Values[0] := GetCountryAbbr(cbCountry.Text);
Cert.IssuerRDN.Values[1] := edtState.Text;
Cert.IssuerRDN.Values[2] := edtLocality.Text;
Cert.IssuerRDN.Values[3] := edtOrganization.Text;
Cert.IssuerRDN.Values[4] := edtOrganizationUnit.Text;
Cert.IssuerRDN.Values[5] := edtCommonName.Text;

So i thought that it could be that i have to set FormatAttributeValue(SB_ASN1_VISIBLESTRING, to all the strings; but that cause certificate data error :p.

What's up with windows? why does it represents the data that way? what's the solution?
Posted: 09/14/2006 13:53:23
by Santiago Castaño (Standard support level)
Joined: 04/16/2006
Posts: 155

Never mind, it was set .Tags := SB_ASN1_PRINTABLESTRING and everything OK...



Topic viewed 3801 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!