OpenSSL to generate a Private Key and Public Certificate on a PC

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|

OpenSSL to generate a Private Key and Public Certificate on a PC

ssl_virgin
I need to use OpenSSL to generate a Private Key and Public Certificate, so that I can dynamically create encrypted PayPal buttons [ref: Chap 7 of “PayPal Website Payments Standard Checkout Integration Guide”.].  I should be able to create these on my PC and upload them to my space on a shared server.

My question is simple, but I have not been able to find an answer: how can I run OpenSSL on my PC?  I have downloaded the openssl-0.9.8a.tar file, but have no idea how to run it.  Simply double-clicking on it does nothing.  (My OS is Windows XP Home).

Any help would be appreciated.
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL to generate a Private Key and Public Certificate on a PC

Kyle Hamilton
Don't get the openssl-0.9.8a.tar file, go to the "precompiled
binaries" area and get the Windows precompiled version of it.  Then,
install it -- and when it's fully installed, you'll be able to go to a
command prompt and run the OpenSSL commands from the console.

-Kyle H

On 2/4/06, ssl_virgin (sent by Nabble.com) <[hidden email]> wrote:

>  I need to use OpenSSL to generate a Private Key and Public Certificate, so
> that I can dynamically create encrypted PayPal buttons [ref: Chap 7 of
> "PayPal Website Payments Standard Checkout Integration Guide".].  I should
> be able to create these on my PC and upload them to my space on a shared
> server.
>
> My question is simple, but I have not been able to find an answer: how can I
> run OpenSSL on my PC?  I have downloaded the openssl-0.9.8a.tar file, but
> have no idea how to run it.  Simply double-clicking on it does nothing.  (My
> OS is Windows XP Home).
>
> Any help would be appreciated.
> ________________________________
>  View this message in context: OpenSSL to generate a Private Key and Public
> Certificate on a PC
>  Sent from the OpenSSL - User forum at Nabble.com.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL to generate a Private Key and Public Certificate on a PC

Jorey Bump
In reply to this post by ssl_virgin
ssl_virgin (sent by Nabble.com) wrote:

> I need to use OpenSSL to generate a Private Key and Public Certificate,
> so that I can dynamically create encrypted PayPal buttons [ref: Chap 7
> of “PayPal Website Payments Standard Checkout Integration Guide”.].  I
> should be able to create these on my PC and upload them to my space on a
> shared server.
>
> My question is simple, but I have not been able to find an answer: how
> can I run OpenSSL on my PC?  I have downloaded the openssl-0.9.8a.tar
> file, but have no idea how to run it.  Simply double-clicking on it does
> nothing.  (My OS is Windows XP Home).
>
> Any help would be appreciated.

I manage a CA on my XP laptop using Cygwin. When it's not in use, the CA
directory is tarred and encrypted with GPG (and a long passphrase). I
also back this up on another server. Note that some environments demand
(a lot) more security than this.

An advantage of using Cygwin is that I get all of the tools I need
(openssl, openssh, gpg, rsync, tar, etc.) and the text files are
portable to other UNIX(like) systems. It's also extremely easy to update
(just run the setup program periodically). Cygwin usually has a recent
version of OpenSSL (currently 0.9.8a) that's suitable for most applications.


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

servername extension and apache 2.2.0

Peter Sylvester-3
Hello,

I just have put together the small patch for apache 2.2.0 which allows
to use the sernername extension
logic in the development snapshot in order to select a different ssl
context, and also to
renegotiate if the vhost indicated by Host: has a different SSL_ctx
(e.g. certificate).

The patch also includes a little "const" fix due the SSL_method change.

See  http://www.edelweb.fr/EdelKey/files/apache-2.2.0+0.9.9+servername.patch
and http://www.edelweb.fr/EdelKey/  for the background story

Have fun
Peter

smime.p7s (6K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL to generate a Private Key and Public Certificate on a PC

ssl_virgin
In reply to this post by Kyle Hamilton
Many thanks for the replies!

Based on these, I've made some progress:
1) downloaded the pre-compiled binary from http://www.slproweb.com/products/Win32OpenSSL.html.
2) installed it.
3) according to the “help” file, I need to have Perl installed on the PC, so I did that.
4) navigated to the 'Crypto_SSLeay' and 'Net_SSLeay' areas using a DOS prompt, and typed “install” in each, which installed a bunch of files into the Perl area.

Now I'm stuck again:  how to I actually run the OpenSSL program?  

Thanks in advance!
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL to generate a Private Key and Public Certificate on a PC

Kyle Hamilton
You don't actually need the perl.  Find 'openssl.exe' and run that.

-Kyle H

On 2/6/06, ssl_virgin (sent by Nabble.com) <[hidden email]> wrote:

>  Many thanks for the replies!
>
> Based on these, I've made some progress:
> 1) downloaded the pre-compiled binary from
> http://www.slproweb.com/products/Win32OpenSSL.html.
> 2) installed it.
> 3) according to the "help" file, I need to have Perl installed on the PC, so
> I did that.
> 4) navigated to the 'Crypto_SSLeay' and 'Net_SSLeay' areas using a DOS
> prompt, and typed "install" in each, which installed a bunch of files into
> the Perl area.
>
> Now I'm stuck again:  how to I actually run the OpenSSL program?
>
> Thanks in advance!
> ________________________________
>  View this message in context: Re: OpenSSL to generate a Private Key and
> Public Certificate on a PC
>
>  Sent from the OpenSSL - User forum at Nabble.com.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: servername extension and apache 2.2.0

wrowe
In reply to this post by Peter Sylvester-3
If you want to submit and have considered by the httpd project, perhaps you
ment to submit it there?

Nice work b.t.w.

Bill


Peter Sylvester wrote:

> Hello,
>
> I just have put together the small patch for apache 2.2.0 which allows
> to use the sernername extension
> logic in the development snapshot in order to select a different ssl
> context, and also to
> renegotiate if the vhost indicated by Host: has a different SSL_ctx
> (e.g. certificate).
>
> The patch also includes a little "const" fix due the SSL_method change.
>
> See  
> http://www.edelweb.fr/EdelKey/files/apache-2.2.0+0.9.9+servername.patch
> and http://www.edelweb.fr/EdelKey/  for the background story
>
> Have fun
> Peter
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL to generate a Private Key and Public Certificate on a PC

ssl_virgin
In reply to this post by Kyle Hamilton
Ah, that's it - excellent!  Many thanks!!
Reply | Threaded
Open this post in threaded view
|

Re: servername extension and apache 2.2.0

Peter Sylvester-3
In reply to this post by wrowe
William A. Rowe, Jr. wrote:
> If you want to submit and have considered by the httpd project,
> perhaps you
> ment to submit it there?
Not yet. Since the corresponding openssl code is still in the
development branch,
and not in a stable one.

The apache2 patch was done to see whether the api is good,
or, an attempt to motivate the openssl developpers to regard whether  the
openssl API is something that needs to be changed or not, whether it is
missing
some functionality or else whenever they have time. :-)
>
> Nice work b.t.w.
Thanks.

smime.p7s (6K) Download Attachment