EldoS | Feel safer!

Software components for data protection, secure storage and transfer

How to generate CA certificate, and test certificate

Also by EldoS: CallbackProcess
A component to control process creation and termination in Windows and .NET applications.
#1211
Posted: 09/14/2006 06:15:52
by Santiago Castaño (Standard support level)
Joined: 04/16/2006
Posts: 155

Hi,

I'm trying to generate a CA certificate and a test certificate using Eldos Certificate sample.

FOR CA in Openssl, i do:
openssl genrsa -des3 -out keys/ca.key 1024
openssl req -config openssl.conf -new -x509 -days 1001 -key keys/ca.key -out certs/ca.cer

After having a CA, i see that in the sample, i can choose Certificate->New Certificate->Certificate signed by CA.

The problem then is generating a CA own sample certificate. I choose Certificate->Generate Certificate Signing Request but it generates a .crq but not a .cer.

How can i do it? what changes do i have to make to generate certificate signing request demo to make a CA certificate?

Many thanks
#1212
Posted: 09/14/2006 06:28:46
by Eugene Mayevski (EldoS Corp.)

CA certificate is a self-signed certificate with key usage set to Sign other certificates. So you just need to generate the self-signed certificate. You can download and use Crypto4 PKI for easier generation of the certificates.


Sincerely yours
Eugene Mayevski
#1216
Posted: 09/14/2006 10:38:09
by Santiago Castaño (Standard support level)
Joined: 04/16/2006
Posts: 155

Many thanks for the answer, :p.

I'm facing now another strange problem:
- I'm generating my certificates, and on my program, they're seen OK; but in Windows XPsp2, subject and issuer are unknown; and in details, The Issuer is for example:
E = 1a 0d 63 61 6b 73 69 40 6b 73 69 2e 63 6f 6d
CN = 1a 05 43 41 4b 53 49
OU = 1a 03 4b 53 49
O = 1a 03 4b 53 49
L = 1a 05 47 69 6a f3 6e
S = 1a 08 41 73 74 75 72 69 61 73
C = 1a 02 45 53

I'm using:
Cert.IssuerRDN.OIDs[0] := SB_CERT_OID_COUNTRY;
Cert.IssuerRDN.Values[0] := GetCountryAbbr(cbCountry.Text);
Cert.IssuerRDN.OIDs[1] := SB_CERT_OID_STATE_OR_PROVINCE;
Cert.IssuerRDN.Values[1] := edtState.Text;
Cert.IssuerRDN.OIDs[2] := SB_CERT_OID_LOCALITY;
Cert.IssuerRDN.Values[2] := edtLocality.Text;
Cert.IssuerRDN.OIDs[3] := SB_CERT_OID_ORGANIZATION;
Cert.IssuerRDN.Values[3] := edtOrganization.Text;
Cert.IssuerRDN.OIDs[4] := SB_CERT_OID_ORGANIZATION_UNIT;
Cert.IssuerRDN.Values[4] := edtOrganizationUnit.Text;
Cert.IssuerRDN.OIDs[5] := SB_CERT_OID_COMMON_NAME;
Cert.IssuerRDN.Values[5] := edtCommonName.Text;

So i thought that it could be that i have to set FormatAttributeValue(SB_ASN1_VISIBLESTRING, to all the strings; but that cause certificate data error :p.

What's up with windows? why does it represents the data that way? what's the solution?
#1218
Posted: 09/14/2006 13:53:23
by Santiago Castaño (Standard support level)
Joined: 04/16/2006
Posts: 155

Never mind, it was set .Tags := SB_ASN1_PRINTABLESTRING and everything OK...

Reply

Statistics

Topic viewed 3361 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!