hello
a quick look in /sys/src/libsec/port/x509.c shows
uchar*
X509req(RSApriv *priv, char *subj, int *certlen)
{
/* RFC 2314, PKCS #10 Certification Request Syntax */
so it is done already, at least using the RSA lab way :)
(the rfc2511 seems to be the Entrust/Verisign way of doing the same :-? )
slds.
gabi
On 1/9/07, Gabriel Diaz <gabidiaz@gmail.com> wrote:
hello
i think this doesn't work if you want to ask Verisign to sign your request, isn't it?, but i think libsec has almost all the code to build a request as in rfc2511 :-? am i wrong?
slds.
gabi
On 1/9/07, Charles Forsyth <forsyth@terzarima.net
> wrote:
> As far as I know libsec still doesn't know how to write x509.
rsa(8) has rsa2x509 and an example
Generate a fresh key and use it to start a TLS-enabled web
server:
auth/rsagen -t 'service=tls owner=*' >key
auth/rsa2x509 'C=US CN=*.cs.bell-
labs.com' key |
auth/pemencode CERTIFICATE >cert
cat key >/mnt/factotum/ctl
ip/httpd/httpd -c cert