Hi,

I know this topic has been discussed before (and I’ve read most of the responses), but I can’t get certificates to work in my java code. I’m currently trying to simply get the prosys client talking to the prosys server, and I’m not succeeding. I’m hoping that once I have that working and have the appropriate files I can make my code work as well.

Could you walk me through the steps (using openssl on Windows) on how to generate the certificate and private key and if and if and where files should be copied.

I’ve tried:

openssl genrsa -out default_privatekey.pem 2048
openssl req -new -key default_privatekey.pem -out cert.csr -subj “/C=US/ST=VA/L=Fairfax/O=Sightline/OU=IT/CN=Sydney”
openssl x509 -req -days 3650 -extfile extensions.cnf -in cert.csr -signkey default_privatekey.pem -out sydney.crt
openssl x509 -in sydney.crt -inform PEM -out sydney.der -outform DER

with the extensions file:

basicConstraints=CA:TRUE
authorityKeyIdentifier=keyid,issuer
keyUsage=dataEncipherment,keyEncipherment,nonRepudiation,digitalSignature,keyCertSign,cRLSign
extendedKeyUsage=serverAuth,clientAuth
subjectAltName=URI:URN:sydney

I’m using the resulting files sydney.der and default_privatekey.pem (no password) and get “server rejected selected identification (wrong username or password, certificate or private key)

-Thanks
-Mark
Any help would be appreciated.