Belkin F1DP116SEA User Manual

Page 63

Advertising

Appendix E: Creating CA Files

ii) Strip passphrase:

openssl rsa -in cakey.pem -out cakey-nopassword.pem

iii) Combine the key and X.509 certificate files into server.pem:

cat cakey-nopassword.pem cacert.pem > server.pem

iv) Collect all 3 PEM files and prepare to upload to IPCS server:

server.pem , cacert.pem , cakey.pem

2. Signed by trustworthy CA:

i) Prepare private key

cakey.pem:

openssl genrsa –des3 –out cakey.pem 1024

meaning of parameters:

genrsa : generate RSA private key

des3 : encrypt certificate by DES3

1024 : the key size is 1024-bit

ii) Prepare a Certificate Signing Request:

openssl req –new –key cakey.pem –out server.csr

openSSL toolkit will prompt the user with a message to guide the user to fill out a registration
form. Once it is complete, users can submit the CSR file to www.verisign.com for testing or
refer to http://www.hitrust.com.tw/hitrustexe/frontend/default_tw.asp (located in Taiwan) to
apply for a signed certificate. Get the certificate and name the file as “cacert.pem”.

iii) Strip passphrase:

openssl rsa –in cakey.pem –out cakey-nopassword.pem

iv) Combine the key and X.509 certificate files into server.pem:

cat cakey-nopassword.pem cacert.pem > server.pem

v) Collect all 3 PEM files for upload:

server.pem , cacert.pem , cakey.pem

Advertising

Popular Brands

Popular manuals