Note: In the interest of better security and the enablement of greater trust, we have decided that 1024-bit keys will now be the minimum strength used in the issuance of thawte digital certificates.
To generate a key, type:
openssl genrsa -rand randfile -out key.pem 1024 This command sequence will generate a 1024-bit RSA private key and store it in the file key.pem. This key file should be copied to the config directory of the Sambar Server. The key should look like:
Obtaining a certificate (Digital ID) Next you must generate a Certificate Signing Request (CSR). The CSR is what contains the name information for the certificate (Country, State/Province, City, Organization, Division, Web Server Domain Name, etc). It also contains your public key.
The formats of certificate and CSR used by the Sambar Server are the same as those used by Apache-SSL (both servers use SSLeay for their SSL implementations). CSR should be sent for verification to Thawte (www.thawte.com).
To generate your CSR, run:
openssl req -new -key key.pem -out req.pem -config ..\config\openssl.cnf This command sequence will prompt you for the attributes of your certificate. Remember to give the secure server domain name when you would be prompted for "Common Name".
Welcome to Global Trust 256 bit SSL Security Site
主要問題大類
