[Pi3web-users] How do I create a csr with pi3web
Brought to you by:
zimpel
Menu
▾
▴
[Pi3web-users] How do I create a csr with pi3web
|
From: <zi...@t-...> - 2005-01-30 16:30:53
|
For Pi3Web as a free server it is recommended to use openssl in order to generate keys and certificate signing request (CSR). For demonstration purposes I created the Pi3CA (http://pi3web.sourceforge.net/pi3ca/), a small web frontend for openssl, where you can also upload your CSR for signing (http://pi3web.sourceforge.net/pi3ca/server-enroll.html). You can also download an 'off the shelf' Win32 package of openssl and a few scripts, which can be used for key and CSR generation from this site. There's a short README.TXT describing the usage of the scripts and the default parameters (changes are not required). You can either use the perl (perl interpreter is required) or the cmd script, they are functional identical. The required steps are: 1. download and unpack the openssl binaries and the scripts into a common folder CSRTOOL 2. read the README.TXT file and perform optional paramter changes (e.g. switch off the private key passphrase) in the script generate_csr.bat (or .pl) 3. go into CSRTOOL, invoke generate_csr.bat (or .pl) and enter the requested information (press ENTER in order to apply default values, enter the exact server host name when the 'common name' is requested 4. take server_cert.req and send it to the CA for signing using the mechanism provided by the CA (for the Pi3CA open server_cert.req with an editor or text viewer, select all, copy and paste it to the Pi3CA CSR enrollment page and press 'enroll', then save the received certificate file) 5. copy the server_pkey.pem and the server_cert.pem to their location, as configured with Pi3Web 6. start the server, enter the Private Key Passphrase if requested (Important: if the server runs as a service, allow interaction with desktop in the service manager) -- regards, Holger |
