Carlos E. R. wrote:
On 2014-09-01 13:00, Per Jessen wrote:
Carlos E. R. wrote:
That google thing finds 51,300 results. Polishing to "create your own certificate authority opensuse" gets 21,300 results - and none of those I read mentions that there is a YaST module that creates your own local CA!
Ok, so I create an authority. But now I don't know how to add or sign the dovecot certificate with it.
Once you have established yourself as a CA, you then act like one. With your user hat on, you create a certificate and a signing request and send it to your CA, i.e. yourself.
I thought that might be so, but no idea how to do that :-?
Create a root CA: in <myrootauthority> run CA.pl -newca - "CA.pl" is a script that comes with openssl. You will need to familiarise yourself with the whole thing and get a setup that works, it does take some time. To issue a new certificate: openssl req -new -x509 -nodes -keyout file.key -out file.crt openssl x509 -x509toreq -in file.crt -signkey file.key -out tmp.pem openssl ca -days 3652 -policy policy_anything -out file.pem -infiles tmp.pem
I still need to learn what to do as "user". I guess I must create some file.
It is a pretty well documented process, even if a bit cumbersome.
Not very well documented - specially the yast part.
Dunno about YaST, I have never used it in this context, but the openssl stuff is quite well documented. (if not, I would have never have managed either). -- Per Jessen, Zürich (12.9°C) http://www.hostsuisse.com/ - virtual servers, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org