Using OpenSSL to Generate/Convert Keys and Certificates

Expand / Collapse
 

Using OpenSSL to Generate/Convert Keys and Certificates


THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • Secure FTP Server (FIPS)
  • EFT Server

QUESTION

How can I generate and convert keys and certificates?

ANSWER

The server's Certificate Creation wizard guides you through the process of creating keys and certificates without using a command line. If you prefer to use a command line tool, the OpenSSL command-line tool can be used to generate and convert private keys and public certificates, including:

  • Creation of RSA, DH, and DSA key parameters
  • Creation of X.509 certificates, CSRs, and CRLs
  • Calculation of Message Digests
  • Encryption and Decryption with Ciphers
  • SSL/TLS Client and Server Tests
  • Handling of S/MIME signed or encrypted mail

You can download the precompiled Windows binary and Windows Installer for OpenSSL from http://www.openssl.org/related/binaries.html. The OpenSSL distribution contains a number of utilities, including the main utility openssl.exe. By default, the utilities are installed in C:\Openssl\bin. The main utility, openssl.exe, and associated utilities are used at a Windows command prompt.

Some commands require specification of the OpenSSL configuration file openssl.cnf. By default, this file is installed in C:\Openssl\bin. Therefore, when required to specify the configuration filename, you would use the following path:

  • In SSL library version 0.9.8g the file is C:\OpenSSL\bin\openssl.cnf
  • In SSL library version 0.9.8h and later, the file is C:\OpenSSL\bin\openssl.cfg

You can run the commands from any location by specifying the full path to the desired executable or by changing to the bin directory and using only the executable filenames.

For example:

>cd c:\temp

>c:\Openssl\bin\openssl

Or:

>cd c:\Openssl\bin

>openssl.exe

Using OpenSSL to Generate and Convert Private Keys and Public Certificates

Refer to the procedures below for using OpenSSL to generate or convert private keys and public certificates.



Rate this Article:

Add Your Comments


Comment require login or registration.

Details
Last Modified:Wednesday, February 15, 2012

Last Modified By: GlobalSCAPE 5

Type: HOWTO

Rated 1 star based on 2 votes.

Article has been viewed 40,656 times.

Options