[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Certificate Request with sha1 encoding



Sender: "Peter Sawatzki" <peter@xxxxxxxxxxx>

Scott,

I was using the openssl tool on my PC to dump the request that was generated
by the AS/400's Digital Certificate manager. However to make a request for a
certificate of the AS/400's private key I somehow need access to the private
key store, correct ? Or is openssl available on the iSeries (I'm on a V5R2
system).

Peter

-----Original Message-----
From: owner-ftpapi@xxxxxxxxxxxxx [mailto:owner-ftpapi@xxxxxxxxxxxxx] On
Behalf Of Scott Klement
Sent: Sunday, May 22, 2005 7:51 AM
To: ftpapi@xxxxxxxxxxxxx
Subject: Re: Certificate Request with sha1 encoding

Sender: Scott Klement <sk@xxxxxxxxxxxxxxxx>


Since you're apparently able to use the openssl tools, why not use them to 
generate the certificate request?

---
Scott Klement  http://www.scottklement.com

On Sat, 21 May 2005, Peter Sawatzki wrote:

> Sender: "Peter Sawatzki" <peter@xxxxxxxxxxx>
>
> Not exactly a httpapi specific issue but I have to send a certificate
> request to a business partner and it appears that he can only accept a
> certificate request with sha1 encoding. The certificate request that the
DCM
> makes is md5 encoded and I do not know how to make it issue a request with
> sha1 encoding. Also the request must contain an email attribute and that
> seems also not possible.
>
> Here is a dump of the as/400 certificate request I can make:
>
> \programme\openssl\bin\openssl req -text -in Test1.csr
> Certificate Request:
>    Data:
>        Version: 0 (0x0)
>        Subject: C=DE, ST=NRW, O=MyOrg, OU=600/11100-600/11101,
>          CN=My Name
>        Subject Public Key Info:
>            Public Key Algorithm: rsaEncryption
>            RSA Public Key: (1024 bit)
>                Modulus (1024 bit):
> [hex data]
>                Exponent: 65537 (0x10001)
>        Attributes:
>            a0:00
>    Signature Algorithm: md5WithRSAEncryption
> [hex data]
>
> And here is an example of a certificate request as it should be:
>
> Certificate Request:
>    Data:
>        Version: 0 (0x0)
>        Subject: C=DE, L= , MyOrg, OU=600/11100-600/11101,
>          CN=My Name/emailAddress=MyEMail@xxxxxxxxxxxxx
>
>        Subject Public Key Info:
>            Public Key Algorithm: rsaEncryption
>            RSA Public Key: (1024 bit)
>                Modulus (1024 bit):
> [hax data]
>                Exponent: 65537 (0x10001)
>        Attributes:
>            emailAddress             :MyEMail@xxxxxxxxxxxxx
>    Signature Algorithm: sha1WithRSA
>
> Anyone know how to issue a request from the AS/400 like the above ?
>
> Peter
>
> -----------------------------------------------------------------------
> This is the FTPAPI mailing list.  To unsubsribe from the list send mail
> to majordomo@xxxxxxxxxxxxx with the body: unsubscribe ftpapi mymailaddr
> -----------------------------------------------------------------------
>
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubsribe from the list send mail
to majordomo@xxxxxxxxxxxxx with the body: unsubscribe ftpapi mymailaddr
-----------------------------------------------------------------------

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubsribe from the list send mail
to majordomo@xxxxxxxxxxxxx with the body: unsubscribe ftpapi mymailaddr
-----------------------------------------------------------------------