How to create PKCS10 request to get web certificate

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

How to create PKCS10 request to get web certificate

BHATT Mayank
How to create PKCS10 request to get web certificate

How to create PKCS10 request to get web certificate ?

I need to do following

1)      Generate the key pair (private + public)  

2)      Generate the PKCS10 request using public key

3)      Connect to Enrolment server and submit the PKCS10 request to get the certificate.

4)      Put all Private key, User certificate and CA certificate together as PKCS12 request and protect it with randomly generated password

5)      Now convert PKCS12 request to PEM format.

All the above steps can be done using openssl binary, but the requirement is that I need to do all this using openssl library ?

Can someone help me to figure out how to do this using openssl library and what all API, should be used ?

Are there any sample code available that I can refer to ?

Thanks,

Mayank


smime.p7s (6K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: How to create PKCS10 request to get web certificate

Dr. Stephen Henson
On Wed, Jul 06, 2011, BHATT Mayank wrote:

> How to create PKCS10 request to get web certificate ?
>
> I need to do following
>
> 1)      Generate the key pair (private + public)  
> 2)      Generate the PKCS10 request using public key
> 3)      Connect to Enrolment server and submit the PKCS10 request to get the
> certificate.
> 4)      Put all Private key, User certificate and CA certificate together as
> PKCS12 request and protect it with randomly generated password
> 5)      Now convert PKCS12 request to PEM format.
> All the above steps can be done using openssl binary, but the requirement is
> that I need to do all this using openssl library ?
> Can someone help me to figure out how to do this using openssl library and
> what all API, should be used ?
> Are there any sample code available that I can refer to ?
>
>

Look under demos/x509/mkreq.c for 1, 2. For 3 your are on your own.

4 seems redundant but demos/pkcs12/pkwrite.c is an example.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]