[Date Prev][Date Next]
question about TLS
i'm trying to enable support for TLS by following the instructions
listed in the openldap faq, located here:
it took a few minutes to find the CA shell script (/usr/share/ssl/misc
on redhat), and now that i've found it, i'm having some trouble with it.
i created /etc/ssl/certs to store my certificates in. cd'd into it,
and i've run "CA -newca". it prompts me for a filename to create as
the certificate, and then tells me it can't stat the file, and creates
a directory called demoCA w/ a bunch of empty files and directories in
it. however, if i just hit enter when prompted, it asks me for the
certificate information, and then creates the demoCA directory with
populated files (the certificate and private key).
okay, so i have the cert and the private key, my question is, what do i
do next? when i run the openssl command listed in the doc to create
the certificate request:
openssl req -new -nodes -keyout newreq.pem -out newreq.pem
am i supposed to be pointing it at the public certificate created
above? or at a new, empty file?