Topic: cacert installation

[redteo]

sorry i'm not good on the code . i need to install ssl certificate
i'm following the howto to install cacert.

Code: [Select]

#!/usr/bin/perl

use strict;
use esmith::util;
use esmith::ConfigDB;
use esmith::DomainsDB;

my $config   = esmith::ConfigDB->open;
my $domainsdb = esmith::DomainsDB->open_ro;

my $domain = $config->get('DomainName')->value;
my %domain_names = map { $_->{key} => 1 } grep { $_->key ne $domain } $domainsdb->domains;

my @domains = ($domain, keys %domain_names);

open(CONFIG, ">$domains[0].config") or die "Can't open openssl config file: $!";
print CONFIG "HOME = .\nRANDFILE = \$ENV::HOME/.rnd\n\n";
print CONFIG "[ req ]\ndefault_bits = 1024\ndistinguished_name = req_distinguished_name\n";
print CONFIG "req_extensions = v3_req\nprompt = no\n\n";
print CONFIG "[ req_distinguished_name ]\nCN = $domains[0]\n\n";
print CONFIG "[ v3_req ]\nbasicConstraints = CA:FALSE\nkeyUsage = nonRepudiation,digitalSignature,keyEncipherment\n";
print CONFIG "subjectAltName = critical,", join ",", map { "DNS:$_,DNS:*.$_" } @domains;
print CONFIG "\n";
close(CONFIG) or die "Closing openssl config file reported: $!";

unless ( -f "$domains[0].key" )
{
    open(KEY, ">$domains[0].key") or die "Can't open key file: $!";
    unless (open(SSL,"-|"))
    {
        exec("/usr/bin/openssl",
            qw(genrsa -rand),
            join(':',
            qw(
                /proc/apm
                /proc/cpuinfo
                /proc/dma
                /proc/filesystems
                /proc/interrupts
                /proc/ioports
                /proc/bus/pci/devices
                /proc/rtc
                /proc/uptime
                )),
            '1024')
            || die "can't exec program: $!";
    }
    while (<SSL>)
    {
        print KEY $_;
    }
    close(SSL) or die "Closing openssl pipe reported: $!";
    close(KEY) or die "Closing key file reported: $!";
}

open(CSR, ">$domains[0].csr") or die "Can't open csr $!";
unless (open(SSL,"-|"))
{
    exec("/usr/bin/openssl",
        qw(req -config), "$domains[0].config",
        qw(-new -key), "$domains[0].key",
        qw(-days 730 -set_serial), time())
        || die "can't exec program: $!";
}
while (<SSL>)
{
    print CSR $_;
}
close(SSL) or die "Closing openssl pipe reported: $!";
close(CSR) or die "Closing csr file reported: $!";
i have to change domain with my own but where??
can someone write for me the code abowe to use wit "example.com"
i tried without succes

thanks to all for patience

[Paspv]

I assume you are following the wiki at http://wiki.contribs.org/Certificate ?
If you have version 7.1.3 or above (7.3 is current) then this is not needed. It is at the bottom of the page.

[redteo]

i used this guide : http://wiki.contribs.org/Custom_CA_Certificate

yes i have 7.3 version i not understod that you said about the botton of the page???
please explain

[redteo]

no is not the same how to...

[Paspv]

Oh, I see which Wiki you're on. You don't have to change the script, you should replace it in all commands after that. The first command is:

Code: [Select]

cat {domain}.csr
Replace {domain} with you're domain name.

[redteo]

Code: [Select]

3590 semi-random bytes loaded
Generating RSA private key, 1024 bit long modulus
.................................++++++
.........................++++++
e is 65537 (0x10001)
error on line 16 of example.com.config
18097:error:0E066065:configuration file routines:CONF_load_bio:missing equal sign:conf_def.c:366:line 16
Closing openssl pipe reported:  at ./certori line 70.
if i use the script i get this errors....

so..
what ca i do???

[redteo]

i solved..
the problem was that i pasted the code
in a wrong way...
i tryed several times and got again the same error...
maybe some proble on the browse,, yes sound strange but is true

looking back on the forum i found another post with the same post.
and thaks..
i corrected the problem copyng the code in a different way.