Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Generating server and client certificates
Top Forums UNIX for Dummies Questions & Answers Generating server and client certificates Post 302681079 by regexp on Thursday 2nd of August 2012 05:23:29 PM
Old 08-02-2012
Generating server and client certificates
Hi,

I am currently in the process of implementing port based authentication(802.1x) in my home network through radius(FreeRadius).

I want all my clients to use a certificate for authenticating (eap-tls)

However openssl's massive amount of configuration options has me a bit confused.
And the whole certificate part is not one of my stronger points.

I need a certificate used on the server itself and a couple of certificates to export to clients.

So i started by making the keys(and removing the password):
Code:
openssl genrsa -aes128 -out serverkey.key 1024

#Next create a certificate request
Code:
 openssl req -new -key serverkey.key -out server.csr

This is the part that has me a little bewildered, do i use
Code:
 openssl ca <options>

or
Code:
 openssl x509 <options>

when signing the certificates, and what is the difference ?
 

10 More Discussions You Might Find Interesting

1. Solaris

Problem in generating codes in solaris server!!

I have a solaris server having oracle and oracle apps running ! When some one attempts to generate a code, they click a link on the web interface which runs an rsh script from a computer called Helpdesk onto my solaris server and what happens is the web interface show an error message saying... (4 Replies)
Discussion started by: SmartestVEGA
4 Replies

2. Cybersecurity

client auth for jboss using third party certificates

Hi All, I am looking for a way to authenticate clients accesing a jboss application via ssl certificates. Here is what I have don so far: Created CSR using keytool Sent CSR to thawte Received from Thawte the following files: ca-intermdiate.crt and certificate.crt. I assume the intermediate... (0 Replies)
Discussion started by: mariusp
0 Replies

3. Programming

Client/Server Socket Application - Preventing Client from quitting on server crash

Problem - Linux Client/Server Socket Application: Preventing Client from quitting on server crash Hi, I am writing a Linux socket Server and Client using TCP protocol on Ubuntu 9.04 x64. I am having problem trying to implement a scenario where the client should keep running even when the... (2 Replies)
Discussion started by: varun.nagpaal
2 Replies

4. Windows & DOS: Issues & Discussions

Office server => laptop =>client server ...a lengthy and laborious ftp procedure

Hi All, I need your expertise in finding a way to solve my problem.Please excuse if this is not the right forum to ask this question and guide me to the correct forum,if possible. I am a DBA and on a daily basis i have to ftp huge dump files from my company server to my laptop and then... (3 Replies)
Discussion started by: kunwar
3 Replies

5. Programming

Client Server C

Hello, Please I would create a client and a server in C that communicate frequently. The client sends "hello message" to the server, the server waits a few minutes and sends a "hello message" to the client, the client sends again "hello server ".. etc up to 15 minutes Can you guide me... (3 Replies)
Discussion started by: chercheur857
3 Replies

6. UNIX for Dummies Questions & Answers

Client server C

Hello, Please, is there on unix.com the source code of a client C and server C: as shown in following figure: File:InternetSocketBasicDiagram zhtw.png - Wikipedia, the free encyclopedia Thank you so much for help (1 Reply)
Discussion started by: chercheur857
1 Replies

7. Shell Programming and Scripting

Sftp script for dev server to client server

hi, i am new to unix, cuold u send some sftp acripts to send files to dev server to clint server, (1 Reply)
Discussion started by: Koti.annam
1 Replies

8. UNIX for Dummies Questions & Answers

Installing SSL certificates on Ubuntu Server 12.04

Hi everyone, I am working on a Nginx + Apache installation for learning purposes, and just got to the point of installing a self-signed certificate for securing some pages that will be used to send "sensitive" information such as login credentials. So far so good. What a I want to know is how can... (2 Replies)
Discussion started by: gacanepa
2 Replies

9. UNIX for Advanced & Expert Users

List all certificates on a server

Dear All, I am planning to find the list of certificates(WEBshpere/MQ) on a servers. My certificates are either stored in (.jks) / (.pem) / (.cer) . But some of the certificates are stored without these file formats. I tried using find command but unless I give the file name its difficult... (6 Replies)
Discussion started by: sidh_arth85
6 Replies

10. UNIX for Beginners Questions & Answers

CentOs server generating several alarms on partition /proc/

Greetings, I have been facing one issue here and I am not understanding what is causing. I am getting a lot of alarms complaining that the partition for example /proc/12345 , is full, but the partition does not existe on the server. Which is not supposed to happen, because /proc is not a real... (10 Replies)
Discussion started by: Yagami_Sama
10 Replies

LEARN ABOUT CENTOS

ssl_ctx_add_extra_chain_cert

SSL_CTX_add_extra_chain_cert(3) 				      OpenSSL					   SSL_CTX_add_extra_chain_cert(3)

NAME

       SSL_CTX_add_extra_chain_cert - add certificate to chain

SYNOPSIS

	#include <openssl/ssl.h>

	long SSL_CTX_add_extra_chain_cert(SSL_CTX ctx, X509 *x509)

DESCRIPTION

       SSL_CTX_add_extra_chain_cert() adds the certificate x509 to the certificate chain presented together with the certificate. Several
       certificates can be added one after the other.

NOTES

       When constructing the certificate chain, the chain will be formed from these certificates explicitly specified. If no chain is specified,
       the library will try to complete the chain from the available CA certificates in the trusted CA storage, see
       SSL_CTX_load_verify_locations(3).

RETURN VALUES

       SSL_CTX_add_extra_chain_cert() returns 1 on success. Check out the error stack to find out the reason for failure otherwise.

SEE ALSO

       ssl(3), SSL_CTX_use_certificate(3), SSL_CTX_set_client_cert_cb(3), SSL_CTX_load_verify_locations(3)

1.0.1e								    2013-02-11					   SSL_CTX_add_extra_chain_cert(3)
All times are GMT -4. The time now is 07:40 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy