CORBA 2.6.1 Administration Guide

ManualsBrandsHP ManualsServerHP Integrity NonStop H-Series

a1:d7:75:82:99:a6:e2:40:23

Exponent: 65537 (0x10001)

X509v3 extensions:

X509v3 Basic Constraints:

CA:TRUE

X509v3 Key Usage:

Certificate Sign, CRL Sign

X509v3 Subject Key Identifier:

87:CA:7A:F7:6D:A1:0E:FB:12:E4:B7:3E:68:CB:C7:5E:72:CD:73:53

X509v3 Authority Key Identifier:

keyid:87:CA:7A:F7:6D:A1:0E:FB:12:E4:B7:3E:68:CB:C7:5E:72:CD:73:53

DirName:/C=US/ST=California/L=Cupertino/O=Hewlett-Packard/OU=NonStop/Email=john.doe@hp.com

serial:00

Netscape Comment:

Warning! This is a learning toy certificate.

Signature Algorithm: md5WithRSAEncryption

4d:40:cd:09:01:aa:59:9d:47:f1:e5:b8:6a:11:1b:63:26:fd:

e3:bb:13:9f:dd:cd:9e:17:d6:af:b8:d6:5d:cd:93:45:84:83:

a6:7c:30:72:c3:ea:43:71:ca:7e:17:ad:5a:71:da:e8:7e:c5:

15:6d:d8:dc:17:ec:b5:ac:1d:66:25:2d:3e:d5:8b:5b:53:c9:

36:ba:33:f5:53:a7:1f:e4:53:ba:dc:51:1a:d4:71:06:ec:de:

1c:09:39:11:ad:95:72:f0:d4:a3:10:cb:88:2a:90:c9:db:95:

9a:7c:97:5a:c8:ba:5d:a4:7c:36:91:69:69:f2:56:28:27:dd:

7d:c3

-----BEGIN CERTIFICATE-----

MIIDtzCCAyCgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBhjELMAkGA1UEBhMCVVMx

EzARBgNVBAgTCkNhbGlmb3JuaWExEjAQBgNVBAcTCUN1cGVydGlubzEYMBYGA1UE

ChMPSGV3bGV0dC1QYWNrYXJkMRAwDgYDVQQLEwdOb25TdG9wMSIwIAYJKoZIhvcN

AQkBFhNncmVnLmJvc3Ryb21AaHAuY29tMB4XDTAzMDExNjAwMDMwOFoXDTAzMDIx

NTAwMDMwOFowgYYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRIw

EAYDVQQHEwlDdXBlcnRpbm8xGDAWBgNVBAoTD0hld2xldHQtUGFja2FyZDEQMA4G

A1UECxMHTm9uU3RvcDEiMCAGCSqGSIb3DQEJARYTZ3JlZy5ib3N0cm9tQGhwLmNv

bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA09/mUwiGOV15+/zmkuyDGae9

yb4HSDqUSty+r+2R5QnmTx8lCbTH3GUKdxCf3ts+3iV48Yh4X/x1nDo6msbR/cCW

Q09RtzbGXyxDDtenrz/Wj9ZgkrmVIT+QnqNBhIl4UWkvhCbY0gJmz6Q7E7ikLO5F

fwFLgUuh13WCmabiQCMCAwEAAaOCATEwggEtMAwGA1UdEwQFMAMBAf8wCwYDVR0P

BAQDAgEGMB0GA1UdDgQWBBSHynr3baEO+xLktz5oy8decs1zUzCBswYDVR0jBIGr

MIGogBSHynr3baEO+xLktz5oy8decs1zU6GBjKSBiTCBhjELMAkGA1UEBhMCVVMx

EzARBgNVBAgTCkNhbGlmb3JuaWExEjAQBgNVBAcTCUN1cGVydGlubzEYMBYGA1UE

ChMPSGV3bGV0dC1QYWNrYXJkMRAwDgYDVQQLEwdOb25TdG9wMSIwIAYJKoZIhvcN

AQkBFhNncmVnLmJvc3Ryb21AaHAuY29tggEAMDsGCWCGSAGG+EIBDQQuFixXYXJu

aW5nISBUaGlzIGlzIGEgbGVhcm5pbmcgdG95IGNlcnRpZmljYXRlLjANBgkqhkiG

9w0BAQQFAAOBgQBNQM0JAapZnUfx5bhqERtjJv3juxOf3c2eF9avuNZdzZNFhIOm

fDByw+pDccp+F61acdrofsUVbdjcF+y1rB1mJS0+1YtbU8k2ujP1U6cf5FO63Fea

1HEG7N4cCTkRrZVy8NSjEMuIKpDJ25WafJdayLpdpHw2kWlp8lYoJ919ww==

-----END CERTIFICATE-----

newreq Script

The newreq script is for creating a new public/private key pair, and then creating a CSR to get the public key signed by a CA, creating a new

certificate.

To run the script, type:

newreq name

where name is any valid file name.

Example 6.2. Sample newreq Run

Create a certificate request.

Using configuration from toyCA.cnf

Generating a 1024 bit RSA private key

....................++++++

.....................................++++++

writing new private key to ‘./toyCA/private/name.key’

Enter PEM pass phrase:

Verifying password – Enter PEM pass phrase:

-----

You are about to be asked information that will be incorporated

into your certification request.

What you are about to enter is called a Distinguished Name or DN.

There are quite a few fields buy you may leave some blank

For some fields there will be a default value,

If you enter ‘.’, the field will be left blank.

-----

Country Name (2 letter code) [US]:

State or Province Name (full name) [California]:

Locality Name (eg, city) [Cupertino]:

Organization Name (eg, company) [Hewlett-Packard]:

Organizational Unit Name (eg, section) [NonStop]:

Common Name (eg, the CA, server, or client (your?) name): name

E-Mail [john.doe@hp.com]:

Please enter the following ‘extra’ attributes

to be sent with your certificate request

A challenge password []:asdf

An optional company name []:Tandem

The script creates the following directories and files:

Pathname/Filename Purpose

name.csr

The Certificate Signing Request (CSR).

toyCA/private/name.key

The newly generated private key for name.

signreq Script