[Date Prev][Date Next] [Chronological] [Thread] [Top]

question about TLS

i'm trying to enable support for TLS by following the instructions listed in the openldap faq, located here:

it took a few minutes to find the CA shell script (/usr/share/ssl/misc on redhat), and now that i've found it, i'm having some trouble with it.

i created /etc/ssl/certs to store my certificates in. cd'd into it, and i've run "CA -newca". it prompts me for a filename to create as the certificate, and then tells me it can't stat the file, and creates a directory called demoCA w/ a bunch of empty files and directories in it. however, if i just hit enter when prompted, it asks me for the certificate information, and then creates the demoCA directory with populated files (the certificate and private key).

okay, so i have the cert and the private key, my question is, what do i do next? when i run the openssl command listed in the doc to create the certificate request:
openssl req -new -nodes -keyout newreq.pem -out newreq.pem

am i supposed to be pointing it at the public certificate created above? or at a new, empty file?

jacob walcik