Friday, July 28, 2006
Welcome to CAcert.org
Tuesday, July 04, 2006
Wild ID - Totally Free Digital ID
Digitales Zertifikat - Klassen
Digitales Zertifikat - Wikipedia
Die Klasse des Zertifikates gibt die Art der Prüfung bei Ausstellung des Zertifikates wieder:
Klasse 1: keine Prüfung, nur E-Mail-Adresse verifiziert
Klasse 2: schriftliche Dokumente, Vorlage und Prüfung Ausweiskopie
Klasse 3: persönliche Prüfung, Ausweisprüfung, Dokumente
Die Klasse des Zertifikates gibt die Art der Prüfung bei Ausstellung des Zertifikates wieder:
Klasse 1: keine Prüfung, nur E-Mail-Adresse verifiziert
Klasse 2: schriftliche Dokumente, Vorlage und Prüfung Ausweiskopie
Klasse 3: persönliche Prüfung, Ausweisprüfung, Dokumente
Uni Bremen Infos rund um das Thema SSL Zertifikate
Monday, July 03, 2006
ONLamp.com: Creating Your Own CA
How to Create Certificates
How to Create Certificates: "To create your own self-signed certificate for your test environment
1.
Create an RSA private key for your root certificate:
openssl genrsa -des3 -out ca.key 1024
Back up this key and remember the pass-phrase.
2.
Create a decrypted PEM version of this private key:
openssl rsa -in ca.key -out ca.key.unsecure
3.
Create the self-signed root certificate with the private key. The 'Common Name' of your certification authority must be different from the 'Common Name' of your formerly created certificate sign request for your server:
openssl req -new -x509 -days 365 -key ca.key -out ca.crt -config myssl.cnf
4.
Define a .cnf file. This can look like the myssl.cnf file that is used in this example (see below).
5.
Create a .rand file in your working directory. (Note that the filename begins with a dot, therefore it is a hidden file which may not be shown when you list the directory's contents in the Explorer.) This file must contain three lines with 40 to 50 characters of random text.
6.
Create an empty file called index.txt and an empty subdirectory called newcerts in your working directory.
7.
Create a file called serial in the current directory and enter '01' in column 1, line 1.
8.
Sign your certificate with the newly created self-signed root certificate:
openssl ca -config myssl.cnf -policy policy_any -out server.crt -infiles server.csr
This step creates the files server.crt, server.key and server.key.unsecure."
1.
Create an RSA private key for your root certificate:
openssl genrsa -des3 -out ca.key 1024
Back up this key and remember the pass-phrase.
2.
Create a decrypted PEM version of this private key:
openssl rsa -in ca.key -out ca.key.unsecure
3.
Create the self-signed root certificate with the private key. The 'Common Name' of your certification authority must be different from the 'Common Name' of your formerly created certificate sign request for your server:
openssl req -new -x509 -days 365 -key ca.key -out ca.crt -config myssl.cnf
4.
Define a .cnf file. This can look like the myssl.cnf file that is used in this example (see below).
5.
Create a .rand file in your working directory. (Note that the filename begins with a dot, therefore it is a hidden file which may not be shown when you list the directory's contents in the Explorer.) This file must contain three lines with 40 to 50 characters of random text.
6.
Create an empty file called index.txt and an empty subdirectory called newcerts in your working directory.
7.
Create a file called serial in the current directory and enter '01' in column 1, line 1.
8.
Sign your certificate with the newly created self-signed root certificate:
openssl ca -config myssl.cnf -policy policy_any -out server.crt -infiles server.csr
This step creates the files server.crt, server.key and server.key.unsecure."
HMI CA in der DFN PKI
Sunday, July 02, 2006
RSA Security - Public-Key Cryptography Standards (PKCS)
RSA Security - Public-Key Cryptography Standards (PKCS)
PKCS #1: RSA Cryptography Standard
PKCS #3: Diffie-Hellman Key Agreement Standard
PKCS #5: Password-Based Cryptography Standard
PKCS #6: Extended-Certificate Syntax Standard
PKCS #7: Cryptographic Message Syntax Standard
PKCS #8: Private-Key Information Syntax Standard
PKCS #9: Selected Attribute Types
PKCS #10: Certification Request Syntax Standard
PKCS #11: Cryptographic Token Interface Standard
PKCS #12: Personal Information Exchange Syntax Standard
PKCS #13: Elliptic Curve Cryptography Standard
PKCS #15: Cryptographic Token Information Format Standard
PKCS #1: RSA Cryptography Standard
PKCS #3: Diffie-Hellman Key Agreement Standard
PKCS #5: Password-Based Cryptography Standard
PKCS #6: Extended-Certificate Syntax Standard
PKCS #7: Cryptographic Message Syntax Standard
PKCS #8: Private-Key Information Syntax Standard
PKCS #9: Selected Attribute Types
PKCS #10: Certification Request Syntax Standard
PKCS #11: Cryptographic Token Interface Standard
PKCS #12: Personal Information Exchange Syntax Standard
PKCS #13: Elliptic Curve Cryptography Standard
PKCS #15: Cryptographic Token Information Format Standard