generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

update README

Browse Source
This commit is contained in:
Dr. Stephen Henson 2012-09-09 20:47:36 +00:00
parent 79b184fb4b
commit 61d24f102d
1 changed files with 16 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
demos/certs/README
View File

@ -3,7 +3,19 @@ a script. This is often a cause for confusion which can result in incorrect
CA certificates, obsolete V1 certificates or duplicate serial numbers. CA certificates, obsolete V1 certificates or duplicate serial numbers.
The range of command line options can be daunting for a beginner. The range of command line options can be daunting for a beginner.
This is a simple example of how to generate certificates automatically The mkcerts.sh script is an example of how to generate certificates
using scripts. Example creates a root CA, a server certificate signed by automatically using scripts. Example creates a root CA, an intermediate CA
the root, an intermediate CA signed by the root and finally a client signed by the root and several certificates signed by the intermediate CA.
certificate signed by the intermediate CA.
The script then creates an empty index.txt file and adds entries for the
certificates and generates a CRL. Then one certificate is revoked and a
second CRL generated.
The script ocsprun.sh runs the test responder on port 8888 covering the
client certificates.
The script ocspquery.sh queries the status of the certificates using the
test responder.