Avatar

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Feed Topic RSS sp_TopicIcon
help with cetificates
November 16, 2022
16:59, EET
Avatar
Mark Petty
Member
Members
Forum Posts: 11
Member Since:
October 26, 2016
sp_UserOfflineSmall Offline

Hi,

I know this topic has been discussed before (and I’ve read most of the responses), but I can’t get certificates to work in my java code. I’m currently trying to simply get the prosys client talking to the prosys server, and I’m not succeeding. I’m hoping that once I have that working and have the appropriate files I can make my code work as well.

Could you walk me through the steps (using openssl on Windows) on how to generate the certificate and private key and if and if and where files should be copied.

I’ve tried:

openssl genrsa -out default_privatekey.pem 2048
openssl req -new -key default_privatekey.pem -out cert.csr -subj “/C=US/ST=VA/L=Fairfax/O=Sightline/OU=IT/CN=Sydney”
openssl x509 -req -days 3650 -extfile extensions.cnf -in cert.csr -signkey default_privatekey.pem -out sydney.crt
openssl x509 -in sydney.crt -inform PEM -out sydney.der -outform DER

with the extensions file:

basicConstraints=CA:TRUE
authorityKeyIdentifier=keyid,issuer
keyUsage=dataEncipherment,keyEncipherment,nonRepudiation,digitalSignature,keyCertSign,cRLSign
extendedKeyUsage=serverAuth,clientAuth
subjectAltName=URI:URN:sydney

I’m using the resulting files sydney.der and default_privatekey.pem (no password) and get “server rejected selected identification (wrong username or password, certificate or private key)

-Thanks
-Mark
Any help would be appreciated.

November 16, 2022
17:32, EET
Avatar
Bjarne Boström
Moderator
Moderators
Forum Posts: 860
Member Since:
April 3, 2012
sp_UserOfflineSmall Offline

Do you mean the ApplicationInstanceCertificates or user authentication certificates? (or I guess you could mean both, but then you would have in practice 2 different certificates)

Forum Timezone: Europe/Helsinki

Most Users Ever Online: 267

Currently Online:
19 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

hbrackel: 124

pramanj: 86

ibrahim: 74

rocket science: 65

kapsl: 57

Sabari: 51

gjevremovic: 49

Xavier: 43

fred: 41

TimK: 41

Member Stats:

Guest Posters: 0

Members: 1749

Moderators: 15

Admins: 1

Forum Stats:

Groups: 3

Forums: 15

Topics: 1323

Posts: 5649

Newest Members:

WalterFOUNC, datafastproxiespx01, LenkaLok, seoninet, justinevillanuev, namtrott5457, DonaldWibip, AlfredoEthix, andreidla, everangel7021

Moderators: Jouni Aro: 960, Otso Palonen: 32, Tuomas Hiltunen: 5, Pyry: 1, Petri: 0, Bjarne Boström: 860, Heikki Tahvanainen: 402, Jukka Asikainen: 1, moldzh08: 0, Jimmy Ni: 25, Teppo Uimonen: 21, Markus Johansson: 42, Niklas Nurminen: 0, Matti Siponen: 222, Lusetti: 0

Administrators: admin: 1