Zilog EZ80F91AZA User Manual
Page 50
UM020107-1211
SSL Configuration
ZTP Network Security SSL Plug-In
User Manual
44
req
command not to DES-encrypt the private key. The Base64-encoded data in these
files will be enclosed between the beginning and ending delimiter lines.
An example is shown in the following code fragment.
-----BEGIN CERTIFICATE-----
MIICQjCCAeygAwIBAgIBATANBgkqhkiG9w0BAQQFADBSMQswCQYDVQQGEwJVUzEL
MAkGA1UECBMCQ0ExETAPBgNVBAcTCFNhbiBKb3NlMQ4wDAYDVQQKEwVaaUxPRzET
MBEGA1UEAxMKWlRQIFNTTCBDQTAeFw0wNTEwMTUyMDAxMTZaFw0wNjEwMTUyMDAx
MTZaMFIxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTERMA8GA1UEBxMIU2FuIEpv
c2UxDjAMBgNVBAoTBVppTE9HMRMwEQYDVQQDEwpaVFAgU1NMIENBMFwwDQYJKoZI
hvcNAQEBBQADSwAwSAJBALwIx2kBFRWBu7f17d4V+qe/By+6FGOzPus0rRtXEFPy
+M+11NISOLikREZV948QKN1GkT/8fJplhuMNn5G1LhsCAwEAAaOBrDCBqTAdBgNV
HQ4EFgQUHZCNWFT6S8lrh1+jSuTKIsZVk/8wegYDVR0jBHMwcYAUHZCNWFT6S8lr
h1+jSuTKIsZVk/+hVqRUMFIxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTERMA8G
A1UEBxMIU2FuIEpvc2UxDjAMBgNVBAoTBVppTE9HMRMwEQYDVQQDEwpaVFAgU1NM
IENBggEBMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADQQALzgTerl+vD04M
PirnJIWeXpk3stLJ+yXhtVUp/puVRMx/cUNuK+B/Fko0MBJgWp8ILHf31DcHzXGQ
rpS8d8XM
-----END CERTIFICATE-----
2. Create the SSL server’s certificate. The
OpenSSL
req
command will be used again;
however, this time a command file is used to supply the
req
command with informa-
tion about the SSL server. This command will also generate a self-signed certificate
for the server but, in the next step, the certificate will be signed by the root certificate
created in the previous step.
OpenSSL> req -newkey rsa:512 -x509 -nodes -out SrvrSS.crt -keyout
SrvrKey.txt -config info.txt
Loading 'screen' into random state - done
Generating a 512 bit RSA private key
......................++++++++++++
..++++++++++++
writing new private key to 'SrvrKey.txt'
-----
OpenSSL>
The contents of the configuration file
info.txt
is shown in the following code frag-
ment.
[ req ]
distinguished_name = req_distinguished_name
prompt = no
[ req_distinguished_name ]