OmniMix • Tutorial • Server Certificate Creation

As already mentioned, to support SSL/TLS-protected communication the OmniMix servers require a server certificate that allows clients to verify their identity. To allow a quick deployment without obstacles, the distribution package includes a dummy certificate. For security reasons, however, this should be replaced promptly by an individual certificate that uses a different passphrase of appropriate complexity.

OmniMix assists you in creating your own self-signed certificate. This is done on the 'Cert' > 'Creator' tab. Select a key size (1024, 2048 or 4096) and an expiration interval (in days), and fill in the certificate parameters accordingly. Then enter a passphrase, twice so that typing mistakes are caught, and click the 'Create' button to start the process. If all goes well, a file named 'omnimix_new.pem' is created in the certificate folder (default location 'cer\omnimix_new.pem'). Click 'List' to see its data:

--------------------------------------------------------------------------------
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            f9:c7:c9:a9:14:6c:b1:d8
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=OmniMix - Demo, CN=My OmniMix Server
        Validity
            Not Before: Jan  1 00:00:09 2008 GMT
            Not After : Jan  1 00:00:09 2010 GMT
        Subject: CN=OmniMix - Demo, CN=My OmniMix Server
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:c2:5a:50:6d:22:d2:a3:76:f4:9f:46:33:cf:03:
                    aa:05:24:e2:cb:dc:8d:11:25:0f:f1:ad:c7:23:2d:
                    c4:ae:a6:be:95:79:2d:58:9a:91:11:97:62:01:c6:
                    fd:d3:26:05:2a:77:71:04:6b:44:c4:86:25:30:44:
                    5b:04:b5:4b:a4:1d:0e:f7:fc:92:72:b6:3e:b5:22:
                    83:45:f3:76:a2:1e:27:b3:d6:20:a2:b4:d1:18:f4:
                    89:29:54:5c:a3:f5:0e:1f:48:c8:21:bc:f2:61:cb:
                    70:63:9f:c5:e6:dc:fc:9a:69:d7:f1:02:35:ef:bd:
                    e4:17:5d:73:22:cb:e7:9a:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:FALSE
            X509v3 Key Usage:
                Key Encipherment, Certificate Sign
            X509v3 Extended Key Usage:
                TLS Web Server Authentication
            Netscape Cert Type:
                SSL Server
    Signature Algorithm: sha1WithRSAEncryption
        48:6c:9d:8c:30:c1:78:73:ff:0a:66:8f:31:9a:ce:7a:c2:d3:
        92:77:2a:dc:56:57:83:e9:65:d5:70:22:b0:75:e2:1c:a7:8a:
        4e:9a:8c:8d:14:e9:e0:22:d0:89:18:73:9b:33:77:5a:67:bb:
        74:99:3e:fc:d1:ce:4a:da:f3:51:31:4d:fe:8a:32:8a:73:89:
        2b:78:42:ac:37:11:50:39:e8:a4:6d:03:58:3a:58:b0:3d:48:
        fe:69:50:eb:cc:ae:a6:9d:ab:0c:1f:11:68:13:81:5e:84:37:
        d3:b4:cc:f4:dc:f4:c3:4a:f0:2e:9d:84:ca:f3:95:5a:78:95:
        c6:55
--------------------------------------------------------------------------------


There's a detailed HowTo about generating a certificate manually at Raible's Wiki ApacheSSL.

An easy approach is to adapt 'omnimix_i.cnf', the configuration file for interactive usage, to your needs:

--------------------------------------------------------------------------------
# openssl config file for creation of a self signed RSA x509 certificate

[ req ]
default_bits                  = 2048
default_md                    = sha1
encrypt_key                   = yes
distinguished_name            = req_distinguished_name
x509_extensions               = req_x509_extensions
prompt                        = yes

[ req_distinguished_name ]
C                             = Country Name (2 letter code)
C_default                     = UN
C_min                         = 2
C_max                         = 2
ST                            = State or Province Name (full name)
L                             = Locality Name (e.g. city)
O                             = My Organization
OU                            = My Organizational Unit
CN                            = My Common Name
CN_default                    = OmniMix Server - Demo
emailAddress                  = My Email Address
emailAddress_max              = 64

[ req_x509_extensions ]
basicConstraints              = CA:FALSE
keyUsage                      = keyEncipherment,keyCertSign
extendedKeyUsage              = serverAuth
nsCertType                    = server
--------------------------------------------------------------------------------


Now start an interactive certificate creation process by entering 'openssl req -new -config .\omnimix_i.cnf -x509 -days 731 -out omnimix_i.pem -keyout omnimix_i.pem' at the command prompt from within OmniMix's certificate ('cer') folder. Afterwards, display the certificate's data with the command 'openssl x509 -in omnimix_i.pem -noout -text'.

Here's a typical session:

--------------------------------------------------------------------------------
e:\...\OmniMix\cer>openssl req -new -config .\omnimix_i.cnf -x509 -days 731 -out omnimix_i.pem -keyout omnimix_i.pem
Loading 'screen' into random state - done
Generating a 2048 bit RSA private key
...............+++
........................+++
writing new private key to 'omnimix_i.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [UN]:de
State or Province Name (full name) []:Bavaria
Locality Name (e.g. city) []:Munich
My Organization []:OmniMix
My Organizational Unit []:
My Common Name [OmniMix Server - Demo]:
My Email Address []:

e:\...\OmniMix\cer>openssl x509 -in omnimix_i.pem -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            b3:1a:2a:c4:55:05:e6:3a
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=de, ST=Bavaria, L=Munich, O=OmniMix, CN=OmniMix Server - Demo
        Validity
            Not Before: Mar  8 17:50:55 2008 GMT
            Not After : Mar  9 17:50:55 2010 GMT
        Subject: C=de, ST=Bavaria, L=Munich, O=OmniMix, CN=OmniMix Server - Demo
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (2048 bit)
                Modulus (2048 bit):
                    00:cb:b7:a3:0d:f1:26:c6:57:05:8c:38:8e:3d:07:
                    96:52:dc:08:62:78:20:a3:7c:04:1f:93:94:4a:54:
                    e1:62:e6:af:32:27:a9:7a:68:e3:98:df:53:f6:3d:
                    29:a7:a1:98:20:4b:98:d9:6c:1d:58:c6:98:ac:0a:
                    41:de:92:84:d6:9d:4b:70:2c:07:08:6a:cd:b9:ea:
                    3f:9f:ce:70:ee:70:cd:57:be:38:ec:fc:4f:e7:4e:
                    83:2c:d2:ff:be:e5:0d:31:ea:f9:1f:75:cb:34:cc:
                    60:df:b5:6f:d4:32:1b:ae:1b:70:a6:9d:82:c0:4d:
                    df:c9:28:6d:48:41:15:dc:92:f8:69:5f:63:80:da:
                    f1:97:1e:02:16:76:9d:15:7a:c3:4c:57:93:fa:47:
                    4b:21:65:cb:b3:40:e3:60:8e:77:ab:17:d0:1d:8d:
                    97:2f:44:f4:fc:a2:11:0e:5f:4c:02:6f:c5:32:b2:
                    0c:76:df:b9:45:b5:57:65:81:75:5e:fc:c1:fc:f9:
                    f1:f7:f1:bd:20:91:23:97:61:d3:bd:49:b3:76:d7:
                    fd:a7:fd:80:11:d2:64:3a:bf:a0:8d:bd:f5:c0:50:
                    0b:13:78:57:2d:1e:ad:bb:42:80:7a:bf:cd:36:21:
                    95:a6:68:f2:5f:96:e3:51:08:8a:76:2e:78:a7:89:
                    98:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:FALSE
            X509v3 Key Usage:
                Key Encipherment, Certificate Sign
            X509v3 Extended Key Usage:
                TLS Web Server Authentication
            Netscape Cert Type:
                SSL Server
    Signature Algorithm: sha1WithRSAEncryption
        51:43:e7:fd:c6:be:ab:23:67:ab:77:87:3a:b8:56:da:88:f6:
        68:a0:1d:37:c0:f6:4f:1a:cc:d5:57:ff:42:2d:7e:58:c2:d5:
        82:d8:0d:32:c9:0f:2d:46:9b:03:13:a8:73:20:09:f3:5c:58:
        a6:8b:f5:15:07:fc:2a:9a:5e:17:12:b8:f8:c0:af:bc:13:5c:
        f7:b3:c0:47:2e:e2:52:5d:e8:c2:6d:0b:b5:32:38:e5:cd:5f:
        3a:cf:bc:cc:07:d6:f8:8c:78:22:2f:20:5e:0a:04:71:e2:c0:
        e5:56:97:45:e5:fe:6b:e7:83:d5:4a:b9:a3:1a:ec:2a:8c:80:
        9c:03:c7:b9:cf:0f:b1:36:bb:09:b8:ea:6c:7e:ac:9e:62:53:
        0e:9e:00:98:58:07:46:89:cb:b0:d5:a7:4c:36:e7:ea:e5:7b:
        b9:af:02:7a:19:1f:de:e5:a1:d4:31:62:33:25:e1:15:60:5a:
        bd:48:8d:45:eb:e9:60:12:c6:c5:72:30:bb:42:12:78:d8:f8:
        d2:c2:02:73:3d:fc:7e:50:92:eb:4f:34:5e:e5:84:3d:ce:01:
        fc:f6:80:94:9c:33:6c:9e:13:e6:1c:53:87:58:49:93:a8:35:
        f6:d8:cb:9b:0a:01:ff:2a:a3:d6:89:6f:17:e1:3d:ce:7d:3e:
        68:d9:c7:9a

e:\...\OmniMix\cer>
--------------------------------------------------------------------------------


Finally, give the certificate file an individual name and, on the 'Cert' > 'Server' tab, enter its path into both the 'Server Cert' and 'Server Key' fields and update the 'Passphrase' character string.
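
The text dump shown by 'List' or by 'openssl x509 -noout -text' can be checked mechanically before the file is put into service. The following Python example is an addition, not part of OmniMix or the original tutorial: it flags short RSA keys, MD5/SHA-1 signatures, expiry, and the Certificate Sign key usage on a CA:FALSE certificate (RFC 5280, section 4.2.1.9, forbids that combination). The function name audit_cert_text, the finding labels, the 2048-bit minimum and the abridged sample dump are assumptions made for illustration.

```python
import re
from datetime import datetime, timezone

# Constructed sample: abridged `openssl x509 -noout -text` output with the
# same parameters as the 1024-bit certificate shown in this tutorial.
SAMPLE = """\
Certificate:
    Data:
        Signature Algorithm: sha1WithRSAEncryption
        Validity
            Not Before: Jan  1 00:00:09 2008 GMT
            Not After : Jan  1 00:00:09 2010 GMT
        Subject Public Key Info:
            RSA Public Key: (1024 bit)
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:FALSE
            X509v3 Key Usage:
                Key Encipherment, Certificate Sign
"""

def audit_cert_text(text, now=None, min_bits=2048):
    """Return a list of findings for one certificate text dump (RSA only)."""
    now = now or datetime.now(timezone.utc)
    findings = []
    # Older OpenSSL prints "RSA Public Key: (N bit)", newer "Public-Key: (N bit)".
    m = re.search(r"Public[- ]Key: \((\d+) bit\)", text)
    if m and int(m.group(1)) < min_bits:
        findings.append(f"weak-key: RSA {m.group(1)} bit < {min_bits}")
    m = re.search(r"Signature Algorithm: (\S+)", text)
    if m and re.match(r"(md5|sha1)", m.group(1), re.I):
        findings.append(f"weak-digest: {m.group(1)}")
    m = re.search(r"Not After\s*: (.+?) GMT", text)
    if m:
        stamp = " ".join(m.group(1).split())  # collapse the padded day field
        expires = datetime.strptime(stamp, "%b %d %H:%M:%S %Y").replace(tzinfo=timezone.utc)
        if expires <= now:
            findings.append(f"expired: {expires:%Y-%m-%d}")
    # RFC 5280 4.2.1.9: keyCertSign must not be asserted when CA is false.
    if "CA:FALSE" in text and "Certificate Sign" in text:
        findings.append("key-usage: Certificate Sign set on a CA:FALSE certificate")
    return findings

if __name__ == "__main__":
    for finding in audit_cert_text(SAMPLE):
        print(finding)
```

The 2048-bit certificate from the interactive session above passes the key-size check but still triggers the digest and key-usage findings, because both come from 'default_md' and 'keyUsage' in 'omnimix_i.cnf'.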
