I'm trying to generate a key using the genkey command in centos 6.4 and RHEL6.4, Every thing seems to go cool but I get this error message bad certificate request error -8016 and no key/cert is generated. I don't want use the many openssl(s) commands instead since genkey is a shourtcut for all of these openssl commands.
Hello everybody
Hope somebody can help me
I'm trying to install SSL Certificate on Apache/mod_ssl on Linux with Zend for Oracle.
I bought and downloaded certificate from certificate from Network Solutions. Than I followed the instructions to the dot.
I created a directory for certificate... (2 Replies)
Dear All
Anyone know how to issue two different certification on apache virtualhost fyi i have one virtualhost eg 69.192.1.25:443 already signed with verisign how can i configure another virtualhost 69.192.1.25:443 which signing with another certificate which self signing. i search net not... (1 Reply)
Hello,
I am new in UNIX, and some one asks me to install SSL certificates to allow exchange with an external system.
Can someone tell how to install certificate (ex : verisignxxx.cer) on a UNIX server?
Many thanks.
Tibo (4 Replies)
Hi guys.
I have some questions about ssl certificates.
I looked at SSL providers and saw that they are providing 2 types of certificates: per server or per domain.
my server host name is: srv1.example.com
I have a smtp, imap, web server on this box. but all services accessed by different... (1 Reply)
we are doing TCP for our systems. I have a working SSL certificate on prodction webserver. Im planning to export it to our DR server for TCP purposes. However when I export based on the procedure below, it doesn't work. When I restart the DR webserver, it still says the certifcate is expired.Any... (1 Reply)
Hi,
I want to renew the ssl certificate for one of my application on tomcat without down time. I want to know what would the possible impacts for the users who currently have sessions to the app.
Regards,
Arumon (1 Reply)
We have a RHEL 5.8 server at the production level and we have a Java application on this server. I know of the SSL certificate generation at the OS (RHEL) level but it is implemented on the Java application by our development team using the Java keytool. My doubt is that is the SSL generation can... (3 Replies)
Hey everyone, I'm trying to get a lay of the land for OS and Application Certificate Stores. Can someone confirm that I have this concept right?
If the application you're using say Firefox has it's own trusted CA store, it uses that exclusively. So if you're running firefox in Windows, Firefox... (4 Replies)
Hello!
I had a cron job running on my website, activating a php script every friday. The Php script just activated another photo to add in the gallery. It worked fine until I got an SSL certificate for my website, then everything broke.
This was the command before:
lynx -source... (0 Replies)
Discussion started by: AGDesign
0 Replies
LEARN ABOUT CENTOS
io::socket::ssl::utils
IO::Socket::SSL::Utils(3) User Contributed Perl Documentation IO::Socket::SSL::Utils(3)NAME
IO::Socket::SSL::Utils -- loading, storing, creating certificates and keys
SYNOPSIS
use IO::Socket::SSL::Utils;
my $cert = PEM_file2cert('cert.pem');
my $string = PEM_cert2string($cert);
CERT_free($cert);
my $key = KEY_create_rsa(2048);
PEM_string2file($key);
KEY_free($key);
DESCRIPTION
This module provides various utility functions to work with certificates and private keys, shielding some of the complexity of the
underlying Net::SSLeay and OpenSSL.
FUNCTIONS
o Functions converting between string or file and certificates and keys. They croak if the operation cannot be completed.
PEM_file2cert(file) -> cert
PEM_cert2file(cert,file)
PEM_string2cert(string) -> cert
PEM_cert2string(cert) -> string
PEM_file2key(file) -> key
PEM_key2file(key,file)
PEM_string2key(string) -> key
PEM_key2string(key) -> string
o Functions for cleaning up. Each loaded or created cert and key must be freed to not leak memory.
CERT_free(cert)
KEY_free(key)
o KEY_create_rsa(bits) -> key
Creates an RSA key pair, bits defaults to 1024.
o CERT_asHash(cert) -> hash
Extracts the information from the certificate into a hash:
serial The serial number
version Certificate version, usually 2 (x509v3)
subject Hash with the parts of the subject, e.g. commonName, countryName, organizationName, stateOrProvinceName, localityName.
subjectAltNames
Array with list of alternative names. Each entry in the list is of "[type,value]", where "type" can be OTHERNAME, EMAIL, DNS,
X400, DIRNAME, EDIPARTY, URI, IP or RID.
not_before, not_after
The time frame, where the certificate is valid, as time_t, e.g. can be converted with localtime or similar functions.
o CERT_create(hash) -> cert
Creates a certificate based on the given hash. Additionally to the information described in "CERT_asHash" the following keys can be
given:
CA true|false
if true declare certificate as CA, defaults to false
key key use given key as key for certificate, otherwise a new one will be generated
issuer_cert cert
set issuer for new certificate
issuer_key key
sign new certificate with given key
If not all necessary information are given some will have usable defaults, e.g.
not_before defaults to the current time
not_after defaults to 365 days in the future
subject has a default pointing to IO::Socket::SSL
version defaults to 2 (x509v3)
serial will be a random number
AUTHOR
Steffen Ullrich
perl v5.16.3 2014-06-10 IO::Socket::SSL::Utils(3)