Manualshelf

User's Manual

ManualsBrandsPePLink ManualsElectronicsIntenet Access Router
21222324252627282930
PePLink Surf Users Manual v2.6
Copyright © 1999-2006 PePLink Ltd. All Rights Reserved Page 26 of 30
5 Appendix - Demo CA and Server Certification
Generation Instructions
5.1 Prerequisite
OpenSSL v0.9.7a or above
Note: The illustration below is based on Linux.
5.2 Create your own Certificate Authority (CA)
1. Create a working directory (e.g. ~/demoCA)
mkdir ~/demoCA
chmod 700 ~/demoCA
cd ~/demoCA
mkdir private certs newcerts
echo -n 01 > serial
touch index.txt
2. Create a private key for your CA, for example:
openssl genrsa -des3 -passout pass:democa -out private/cakey.pem 2048
(A CA private key called "cakey.pem" is then created in the directory
"private". This is a 2048bit RSA private key with pass phrase 'democa'.)
3. Create the server certificate for your CA, for example:
openssl req -new -x509 -days 8000 -key private/cakey.pem -passin pass:democa
-out cacert.pem
Then a series of questions will be asked:
You are about to be asked to enter information that will be incorporated into
your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.