WU-FTPD 2.6.1 Release Notes (5900-2465, September 2012)

After you answer the questions prompted by the ./CA.pl newca command, the
following files are created:
• The ./demoCA/cacert.pem file. This is the CA certificate file you can exchange
  with communication partners for TLS authentication or verification.
• The ./demoCA/private/cakey.pem file. This is the private key file of the CA
  and is passphrase-protected. You can use this private key to sign or revoke certificates.
NOTE: Do not exchange the private key file with communication partners.
b. Generate the certificate and the key pair for the FTP server:
$ ./CA.pl newreq
The following output is displayed:
Generating a 1024 bit RSA private key...
+++++..........................++++++
writing new private key to 'newkey.pem'
-----
You are about to be asked to enter information that will
be incorporated into your certificate request.
What you are about to enter is what is called a
Distinguished Name or a DN.
There are quite a few fields but you can leave
some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Enter your organization name, location, and name.
The ./CA.pl newreq command creates the following files:
• The private key of the FTP server (./newkey.pem)
• The original (unsigned) certificate request (./newreq.pem)
c. Sign the certificate request using the CA created in Step a:
$ ./CA.pl sign
A signed public certificate, ./newcert.pem (with its public key), is created for the FTP
server.
5. Create a subdirectory security under the /etc/ftpd directory:
mkdir -p /etc/ftpd/security
6. Change the directory location to security:
cd /etc/ftpd/security
7. Copy the previously created CA certificate, the FTP server certificate, and the key from the
/opt/openssl/misc/ directory to the /etc/ftpd/security directory:
cp /opt/openssl/misc/demoCA/cacert.pem /etc/ftpd/security/ftpd-rsa-ca.pem
cp /opt/openssl/misc/newkey.pem /etc/ftpd/security/ftpd-rsa-key.pem
cp /opt/openssl/misc/newcert.pem /etc/ftpd/security/ftpd-rsa-cert.pem
The FTP server is now ready with the signed public certificate and the private key.
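One way to confirm the result of step 7 before starting the FTP server, as an added example that is not part of the release notes: the function below checks that the copied certificate was signed by the copied CA, that the private key belongs to that certificate, and that the key file is not accessible to group or other. It assumes the openssl command is on PATH; the function name check_ftpd_tls_dir is hypothetical, and the file names are the ones used in step 7.

```shell
#!/bin/sh
# Added example (not from the release notes): check the files that step 7
# copies into /etc/ftpd/security. The function name is hypothetical; the
# file names are the ones used on this page.
check_ftpd_tls_dir() {
    dir=${1:-/etc/ftpd/security}
    ca=$dir/ftpd-rsa-ca.pem
    key=$dir/ftpd-rsa-key.pem
    cert=$dir/ftpd-rsa-cert.pem
    rc=0

    for f in "$ca" "$key" "$cert"; do
        [ -r "$f" ] || { echo "missing or unreadable: $f" >&2; return 2; }
    done

    # 1. The server certificate must have been signed by the CA certificate.
    openssl verify -CAfile "$ca" "$cert" >/dev/null 2>&1 ||
        { echo "FAIL: $cert does not verify against $ca" >&2; rc=1; }

    # 2. The private key must belong to the certificate: the public key
    #    derived from the key file must equal the one in the certificate.
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || :
    key_pub=$(openssl rsa -in "$key" -pubout 2>/dev/null) || :
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ] ||
        { echo "FAIL: $key does not match $cert" >&2; rc=1; }

    # 3. Only the owner may read or write the private key (mode 0600 or 0400).
    perms=$(ls -l "$key" | cut -c5-10)
    [ "$perms" = "------" ] ||
        { echo "FAIL: $key is accessible to group/other" >&2; rc=1; }

    # 4. Report the RSA key size; warn below 2048 bits (warning only).
    bits=$(openssl x509 -in "$cert" -noout -text 2>/dev/null |
        sed -n 's/.*Public[ -]Key: (\([0-9]*\) bit).*/\1/p')
    [ "${bits:-0}" -ge 2048 ] ||
        echo "WARN: certificate key is ${bits:-unknown} bits" >&2

    return $rc
}
```

The function returns 0 when all checks pass, 1 when a check fails, and 2 when a file is missing. If ftpd-rsa-key.pem is passphrase-protected, openssl prompts for the passphrase during check 2.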
Creating DSA certificates and keys
This section provides an example to create DSA certificates and keys.
NOTE: You must create DSA certificates only if you want to use DSA certificates instead of RSA
certificates.
Following is an example to create DSA certificates and keys: