[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] gensslcert gives the wrong common name



Try it with this one....


openssl genrsa -des3 -out server.key 1024
 (type yout passphrase, and make a backup of the yet generatet key)
  
  openssl rsa -in server.key -out server.key.unsecure
 (this is the unsecure key for apache, webmin or something else)
  
  openssl req -new -key server.key -out server.csr
 Country Name (2 letter code) [AU]:
 State or Province Name (full name) [Some-State]:
 Locality Name (eg, city) []:
 Organization Name (eg, company) [Internet Widgits Pty Ltd]:
 Organizational Unit Name (eg, section) []:
 Common Name (eg, YOUR name) []: www.foo.bar
 Email Address []:mail@xxxxxxxxxxxxxxx
 A challenge password []:
 An optional company name []:
  


Am 03.09.2004 10:36 Uhr schrieb "Andrei Bintintan" unter
<klodoma@xxxxxxxxx>:

> Hi to all. I'm trying to generate a certificate with gensslcert. I give the
> following command: gensslcert -n www.foobar.bar -e webmaster@xxxxxxxxxx but
> the CN always gets a -(minus) at the end. WHY? I cannot get my webserver
> working with this certificate. Or... is this normal??
> 
> Please help. 
> 
> This is the output:
> 
> 
> linz:/etc/apache2 # gensslcert -n www.foobar.bar -e webmaster@xxxxxxxxxx
> 
> comment         mod_ssl server certificate
> name
> C               XY
> ST              unknown
> L               unknown
> U               web server
> O               SuSE Linux Web Server
> CN              www.foobar.bar-
> email           webmaster@xxxxxxxxxx
> 
> creating CA key ...
> 2562608 semi-random bytes loaded
> Generating RSA private key, 2048 bit long modulus
> ..............................................................................
> ........................................+++
> ..........................+++
> e is 65537 (0x10001)
> 
> creating CA request/certificate ...
> Using configuration from /root/.mkcert.cfg
> `/etc/apache2/ssl.crt/ca.crt' -> `/srv/www/htdocs/CA.crt'
> 
> creating server key ...
> 2562608 semi-random bytes loaded
> Generating RSA private key, 1024 bit long modulus
> ...............................++++++
> ..........++++++
> e is 65537 (0x10001)
> 
> creating server request ...
> Using configuration from /root/.mkcert.cfg
> creating server certificate ...
> Signature ok
> subject=/C=XY/ST=unknown/L=unknown/O=SuSE Linux Web Server/OU=web
> server/CN=www.foobar.bar-/Email=webmaster@xxxxxxxxxx
> Getting CA Private Key
> 
> Verify: matching certificate & key modulus
> read RSA key
> 
> Verify: matching certificate signature
> /etc/apache2/ssl.crt/server.crt: OK
> linz:/etc/apache2 # gensslcert -n www.foobar.bar -e webmaster@xxxxxxxxxx >
> x.txt
> 2562608 semi-random bytes loaded
> Generating RSA private key, 2048 bit long modulus
> ..+++
> ..+++
> e is 65537 (0x10001)
> Using configuration from /root/.mkcert.cfg
> 2562608 semi-random bytes loaded
> Generating RSA private key, 1024 bit long modulus
> .................++++++
> ...++++++
> e is 65537 (0x10001)
> Using configuration from /root/.mkcert.cfg
> Signature ok
> subject=/C=XY/ST=unknown/L=unknown/O=SuSE Linux Web Server/OU=web
> server/CN=www.foobar.bar-/Email=webmaster@xxxxxxxxxx
> Getting CA Private Key
> read RSA key
> linz:/etc/apache2 #
> 
> 


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here