A 7.5. making certificate for sts – SENA STS Series User Manual

128

Using configuration from /usr/share/ssl/openssl.cnf
Enter PEM pass phrase: CA Password (Enter CA password in step 2-2)
Check that the request matches the signature
Signature ok
The Subjects Distinguished Name is as follows
countryName

:PRINTABLE:'US'

stateOrProvinceName

:PRINTABLE:'Minnesota'

localityName

:PRINTABLE:'Minneapolis'

organizationName

:PRINTABLE:'Digi International'

commonName

:PRINTABLE:'Digi PortServer CM'

Certificate is to be certified until Oct

6 09:39:59 2013 GMT (3653 days)

Sign the certificate? [y/n]:y

1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
Certificate:

Data:

Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, ST=Minnesota, L=Minneapolis, O=Digi International, CN=Digi

International

Validity

Not Before: Oct

6 09:39:59 2003 GMT

Not After : Oct

6 09:39:59 2013 GMT

Subject: C=US, ST=Minnesota, L=Minneapolis, O=Digi International, CN=Digi

PortServer CM

Subject Public Key Info:

Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)

....
-----BEGIN CERTIFICATE-----
....
-----END CERTIFICATE-----
Signed certificate is in newcert.pem

Step 2. Check whether signed certificate(newcert.pem) is generated.

# ls

demoCA

key.pem

newcert.pem

newreq.pem

req.pem

A 7.5. Making Certificate For STS

Step 1. Removing headings in newcert.pem file

# cd /work/openssl-0.9.7c/CA

# cp newcert.pem server.pem

# vi server.pem

Certificate:

Data:

Version: 3 (0x2)
Serial Number: 1 (0x1)