Zilog EZ80F91AZA User Manual
Page 51
UM020107-1211
SSL Configuration
ZTP Network Security SSL Plug-In
User Manual
45
C = US
ST = CA
L = San Jose
O = Zilog Inc.
CN = My SSL Server
emailAddress = [email protected]
[ req_attributes ]
3. Use the self-signed certificate created in
(the mock certificate authority’s certif-
icate is used in this example), to sign the certificate generated in
. This authori-
zation is accomplished using the
OpenSSL x509
command, as shown in the
following code fragment.
OpenSSL> x509 -days 100 -CA Root.crt -CAkey RootKey.txt -in
SrvrSS.crt -out Srvr.crt -set_serial 0x1234
Loading 'screen' into random state - done
Signature ok
subject=/C=US/ST=CA/L=San Jose/O=Zilog Inc./CN=My SSL Server/
Getting CA Private Key
OpenSSL>
An example of the contents of the generated Srvr.crt text file
(PEM encoded) follows:
-----BEGIN CERTIFICATE-----
MIIBvzCCAWmgAwIBAgICEjQwDQYJKoZIhvcNAQEEBQAwUjELMAkGA1UEBhMCVVMx
CzAJBgNVBAgTAkNBMREwDwYDVQQHEwhTYW4gSm9zZTEOMAwGA1UEChMFWmlMT0cx
EzARBgNVBAMTClpUUCBTU0wgQ0EwHhcNMDUxMDE1MjE1NDI1WhcNMDYwMTIzMjE1
NDI1WjB9MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExETAPBgNVBAcTCFNhbiBK
b3NlMRMwEQYDVQQKEwpaaUxPRyBJbmMuMRYwFAYDVQQDEw1NeSBTU0wgU2VydmVy
MSEwHwYJKoZIhvcNAQkBFhJuYW1lQG15Y29tcGFueS5jb20wXDANBgkqhkiG9w0B
AQEFAANLADBIAkEAlHUuaMSbWu5jNAWDC8zTvM5JYQAsiJrXBkXDdOQKKHH6dlsH
MmUFdpxNYXQQMUmhpsc4ktWQORqdEROXQYV16QIDAQABMA0GCSqGSIb3DQEBBAUA
A0EAlnY7md2V/vKPWb/hNN9qbj/ZNNLGv+8QCii/3vm0WYsZFprS31FEcWDKu1aE
r/2NIm4yqJfXFM4jJxaYThX7xg==
-----END CERTIFICATE-----
To use this file, cut and paste the text between the
BEGIN
and
END
delimiters and place
it into a C array that will be referenced by a variable of type
CERT_CHAIN
. It is neces-
sary to append line continuation characters (\) to each line of text, as shown in
4. Create a
CERT_CHAIN
data structure which contains the server’s certificate, the CA’s
root certificates and the server’s private key. The following declaration shows an
example.
#include "SSL.h"