Sponsored Content
Top Forums UNIX for Dummies Questions & Answers Generating server and client certificates Post 302681079 by regexp on Thursday 2nd of August 2012 05:23:29 PM
Old 08-02-2012
Generating server and client certificates

Hi,

I am currently in the process of implementing port based authentication(802.1x) in my home network through radius(FreeRadius).

I want all my clients to use a certificate for authenticating (eap-tls)

However openssl's massive amount of configuration options has me a bit confused.
And the whole certificate part is not one of my stronger points.

I need a certificate used on the server itself and a couple of certificates to export to clients.

So i started by making the keys(and removing the password):
Code:
openssl genrsa -aes128 -out serverkey.key 1024

#Next create a certificate request
Code:
 openssl req -new -key serverkey.key -out server.csr

This is the part that has me a little bewildered, do i use
Code:
 openssl ca <options>

or
Code:
 openssl x509 <options>

when signing the certificates, and what is the difference ?
 

10 More Discussions You Might Find Interesting

1. Solaris

Problem in generating codes in solaris server!!

I have a solaris server having oracle and oracle apps running ! When some one attempts to generate a code, they click a link on the web interface which runs an rsh script from a computer called Helpdesk onto my solaris server and what happens is the web interface show an error message saying... (4 Replies)
Discussion started by: SmartestVEGA
4 Replies

2. Cybersecurity

client auth for jboss using third party certificates

Hi All, I am looking for a way to authenticate clients accesing a jboss application via ssl certificates. Here is what I have don so far: Created CSR using keytool Sent CSR to thawte Received from Thawte the following files: ca-intermdiate.crt and certificate.crt. I assume the intermediate... (0 Replies)
Discussion started by: mariusp
0 Replies

3. Programming

Client/Server Socket Application - Preventing Client from quitting on server crash

Problem - Linux Client/Server Socket Application: Preventing Client from quitting on server crash Hi, I am writing a Linux socket Server and Client using TCP protocol on Ubuntu 9.04 x64. I am having problem trying to implement a scenario where the client should keep running even when the... (2 Replies)
Discussion started by: varun.nagpaal
2 Replies

4. Windows & DOS: Issues & Discussions

Office server => laptop =>client server ...a lengthy and laborious ftp procedure

Hi All, I need your expertise in finding a way to solve my problem.Please excuse if this is not the right forum to ask this question and guide me to the correct forum,if possible. I am a DBA and on a daily basis i have to ftp huge dump files from my company server to my laptop and then... (3 Replies)
Discussion started by: kunwar
3 Replies

5. Programming

Client Server C

Hello, Please I would create a client and a server in C that communicate frequently. The client sends "hello message" to the server, the server waits a few minutes and sends a "hello message" to the client, the client sends again "hello server ".. etc up to 15 minutes Can you guide me... (3 Replies)
Discussion started by: chercheur857
3 Replies

6. UNIX for Dummies Questions & Answers

Client server C

Hello, Please, is there on unix.com the source code of a client C and server C: as shown in following figure: File:InternetSocketBasicDiagram zhtw.png - Wikipedia, the free encyclopedia Thank you so much for help (1 Reply)
Discussion started by: chercheur857
1 Replies

7. Shell Programming and Scripting

Sftp script for dev server to client server

hi, i am new to unix, cuold u send some sftp acripts to send files to dev server to clint server, (1 Reply)
Discussion started by: Koti.annam
1 Replies

8. UNIX for Dummies Questions & Answers

Installing SSL certificates on Ubuntu Server 12.04

Hi everyone, I am working on a Nginx + Apache installation for learning purposes, and just got to the point of installing a self-signed certificate for securing some pages that will be used to send "sensitive" information such as login credentials. So far so good. What a I want to know is how can... (2 Replies)
Discussion started by: gacanepa
2 Replies

9. UNIX for Advanced & Expert Users

List all certificates on a server

Dear All, I am planning to find the list of certificates(WEBshpere/MQ) on a servers. My certificates are either stored in (.jks) / (.pem) / (.cer) . But some of the certificates are stored without these file formats. I tried using find command but unless I give the file name its difficult... (6 Replies)
Discussion started by: sidh_arth85
6 Replies

10. UNIX for Beginners Questions & Answers

CentOs server generating several alarms on partition /proc/

Greetings, I have been facing one issue here and I am not understanding what is causing. I am getting a lot of alarms complaining that the partition for example /proc/12345 , is full, but the partition does not existe on the server. Which is not supposed to happen, because /proc is not a real... (10 Replies)
Discussion started by: Yagami_Sama
10 Replies
NSEQ(1) 							      OpenSSL								   NSEQ(1)

NAME
nseq - create or examine a netscape certificate sequence SYNOPSIS
openssl nseq [-in filename] [-out filename] [-toseq] DESCRIPTION
The nseq command takes a file containing a Netscape certificate sequence and prints out the certificates contained in it or takes a file of certificates and converts it into a Netscape certificate sequence. COMMAND OPTIONS
-in filename This specifies the input filename to read or standard input if this option is not specified. -out filename specifies the output filename or standard output by default. -toseq normally a Netscape certificate sequence will be input and the output is the certificates contained in it. With the -toseq option the situation is reversed: a Netscape certificate sequence is created from a file of certificates. EXAMPLES
Output the certificates in a Netscape certificate sequence openssl nseq -in nseq.pem -out certs.pem Create a Netscape certificate sequence openssl nseq -in certs.pem -toseq -out nseq.pem NOTES
The PEM encoded form uses the same headers and footers as a certificate: -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- A Netscape certificate sequence is a Netscape specific form that can be sent to browsers as an alternative to the standard PKCS#7 format when several certificates are sent to the browser: for example during certificate enrollment. It is used by Netscape certificate server for example. BUGS
This program needs a few more options: like allowing DER or PEM input and output files and allowing multiple certificate files to be used. 0.9.7a 2000-01-20 NSEQ(1)
All times are GMT -4. The time now is 03:51 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy