convert untrusted certificate to a trusted one.

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

convert untrusted certificate to a trusted one.

Andrew Madu
Hi,
I have created a selcert certificate, under java 1.5, which I need to convert to a trusted one. How can I do this using openssl or keytools?
 
regards
 
Andrew
Reply | Threaded
Open this post in threaded view
|

Re: convert untrusted certificate to a trusted one.

michael Dorrian
what exactly do you mean?. Have you made a self signed certificate yourself which is untrusted or what type of certificate have you now that is "untrusted".

Andrew Madu <[hidden email]> wrote:
Hi,
I have created a selcert certificate, under java 1.5, which I need to convert to a trusted one. How can I do this using openssl or keytools?
 
regards
 
Andrew


Yahoo! Mail
Bring photos to life! New PhotoMail makes sharing a breeze.
Reply | Threaded
Open this post in threaded view
|

Re: convert untrusted certificate to a trusted one.

Andrew Madu
Hi Michael,
yes I have made a self signed certificate (untrusted) which I want to make trusted if  possible.

regards

Andrew

On 3/20/06, michael Dorrian <[hidden email]> wrote:
what exactly do you mean?. Have you made a self signed certificate yourself which is untrusted or what type of certificate have you now that is "untrusted".


Andrew Madu <[hidden email]> wrote:
Hi,
I have created a selcert certificate, under java 1.5, which I need to convert to a trusted one. How can I do this using openssl or keytools?
 
regards
 
Andrew


Yahoo! Mail
Bring photos to life! <a href="http://pa.yahoo.com/*http://us.rd.yahoo.com/evt=39174/*http://photomail.mail.yahoo.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">New PhotoMail makes sharing a breeze.


Reply | Threaded
Open this post in threaded view
|

Re: convert untrusted certificate to a trusted one.

michael Dorrian
Andrew
You may need to buy a trusted certificate from some company who sells them like for example "VeriSign". They are pretty expensive. I take it whatever organisation you are working for then they will have to buy it. I am afraid you cannot convert a certificate to a trusted one using openssl unless you make certificates for both the client and the server yourself. If you are distributing software to clients and then they connect to your server then you can embed your trusted ca when you install the software but if for example you have no control over the client side then you need to buy the certificate. What are you using the cetificates for?. For example www.amazon.com have a trusted certificate. Because anyone browsing the web can log on but there is no control on the client side so the only way they can have security is to buy their certificate from an agency that specializes in it. The web browser checks to see if the web sites certificate is from a trusted authority(e.g verisign) if it is then only a security alert dialog box appears and you click ok to enter but if its a self signed certificate then another dialog box appears after you click ok. This warns you that the certificate was not issued by a trusted authority so it is not "trusted". A self signed certificate and a trusted certificate have the same security as far as encryption is concerned but the trusted certificate is from an agency that specialises in making certificates. This explains the process for making a self signed certificate for a web browser at http://www.xenocafe.com/tutorials/self_signed_cert_IIS/self_signed_cert_IIS-part1.php. If you set up this server on windows XP and then try to log in to your machine you will see the two dialog boxes appear. In a secure website the second dialog box does not appear because the site is trusted. I gave you this example because it is very simple and easy to understand presuming you have windows XP.
Hope this helps.
Michael

Andrew Madu <[hidden email]> wrote:
Hi Michael,
yes I have made a self signed certificate (untrusted) which I want to make trusted if  possible.

regards

Andrew

On 3/20/06, michael Dorrian <[hidden email]> wrote:
what exactly do you mean?. Have you made a self signed certificate yourself which is untrusted or what type of certificate have you now that is "untrusted".


Andrew Madu <[hidden email]> wrote:
Hi,
I have created a selcert certificate, under java 1.5, which I need to convert to a trusted one. How can I do this using openssl or keytools?
 
regards
 
Andrew


Yahoo! Mail
Bring photos to life! <A onclick="return top.js.OpenExtLink(window,event,this)" href="http://pa.yahoo.com/*http://us.rd.yahoo.com/evt=39174/*http://photomail.mail.yahoo.com" target=_blank>New PhotoMail makes sharing a breeze.



Yahoo! Mail
Use Photomail to share photos without annoying attachments.