on 03-14-2008 3:12 PM
We are using Cerificates for signing and encrypting EDI messages. From SAP KEY Store in Visual Admin, we are able to create Certifactes ( Public key) based on MD5 hash. But one of our retail cusotomers is insisting for SHA1 based certicates. So we need to generate the key pair outside SAP. I am looking for a tool to create this key pair. I had a brief look at OPENSSL. Does anybody have a document on using OPENSSL tool ?
cheers
Ramesh
I have seen that link. It does not tell me how to instal the OPENSSL software. It looks like OPEN SSL runs only on LINUX or UNIX. So if you are using Windows environment to generate Cerifcates, you need another emulation software.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Open SSL can easily be installed on Windows and is run via Dos.
In order to create keys you first create a key using a command similar to this
c:\openssl-0.9.7a\out\openssl genrsa -out myprivatekey.key 2048
which creates a 2048 bit key (may be illegal in the USA which restricts the size of a key)
You then create a Certificate Signing Request (CSR) using something like the following
c:\openssl-0.9.7a\out\openssl req -config myconfig.conf -new -key myprivatekey.key -out mysignaturerequest.csr
A simple config file looks like this
RANDFILE = c:/temp/testcertificates/.rnd
[ req ]
default_bits = 2048
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
prompt = no
output_password = password
[ req_distinguished_name ]
C = Country
ST = City
L = Street
O = JESSICA_ALBA
OU = JESSICA_ALBA
CN = JESSICA_ALBA
[ req_attributes ]
challengePassword = password
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment
end of sample config file
Send your CSR to a Certificate Authority.
A lot of Certificate Authoritiies do all of this for you enabling you to create your key and csr via their web site.
There's a wealth of information available via google on Open SSL, but have a strong coffee first ;o)
Good luck,
John
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
90 | |
10 | |
10 | |
10 | |
7 | |
7 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.